Cybersecurity Lead MedTech R&D
Johnson & Johnson
12 hours ago
Remote
United States
IT
Responsibilities:
- Provide early/proactive engagement with project teams; end-to-end support for large programs.
- Provide tailored security guidance and interpret/apply IAPP requirements/standards for initiatives.
- Drive cybersecurity adoption across R&D labs and Electrophysiology sites to secure IT/OT assets.
- Lead cyber operational portfolio: identify needs, create remediation plans, and drive completion with ISRM, business, and technology teams.
- Establish security analytics to measure security posture across business units/functions/sites.
- Support SOC incident investigation activities; liaison with central investigation team.
- Ensure compliance with key cybersecurity regulations (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives; run awareness sessions and review exception requests.
- Drive/manage security gap assessments/remediation and support integration for R&D acquisitions.
Qualifications:
- Bachelorβs degree in computer science, IT, cybersecurity, business admin, or related discipline.
- 5+ years in IT/OT/engineering with security focus; hands-on implementation of controls (access control, IDP/IDR, anti-malware, patch management, encryption, forensics, etc.).
- Direct work/support experience with R&D functions.
- Experience leading security assessments/security assurance across enterprise architecture layers (data, app, host, middleware, network, infrastructure).
- Solid knowledge of threats, mitigations, and security vendors/technologies.
- Cloud security experience (AWS/Azure/Salesforce).
- Security standards experience (ISO27001, HiTrust, NIST, etc.); CISM/CISSP/ISA-62443 or CISA/CRISC preferred.
- Data visualization exposure (PowerBI/Tableau) and ability to collaborate/influence globally.
Preferred Skills:
Communication, CAPA, Critical Thinking, Information Security Auditing, ISMS, IT Security Assessments/Strategies, Mentorship, Network Optimization, Presentation Design, Process Optimization, Report Writing, Security Policies, Technical Credibility, Technologically Savvy, Training People, Vulnerability Assessments.
Benefits:
- Vacation: 120 hours/calendar year; Sick time: 40 hours/calendar year (state-specific); Holiday pay (including Floating Holidays): 13 days/year; Work/Personal/Family Time: up to 40 hours/year; Parental Leave: 480 hours (within one year); Bereavement Leave; Caregiver Leave; Volunteer Leave; Military Spouse Time-Off.
- Provide early/proactive engagement with project teams; end-to-end support for large programs.
- Provide tailored security guidance and interpret/apply IAPP requirements/standards for initiatives.
- Drive cybersecurity adoption across R&D labs and Electrophysiology sites to secure IT/OT assets.
- Lead cyber operational portfolio: identify needs, create remediation plans, and drive completion with ISRM, business, and technology teams.
- Establish security analytics to measure security posture across business units/functions/sites.
- Support SOC incident investigation activities; liaison with central investigation team.
- Ensure compliance with key cybersecurity regulations (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives; run awareness sessions and review exception requests.
- Drive/manage security gap assessments/remediation and support integration for R&D acquisitions.
Qualifications:
- Bachelorβs degree in computer science, IT, cybersecurity, business admin, or related discipline.
- 5+ years in IT/OT/engineering with security focus; hands-on implementation of controls (access control, IDP/IDR, anti-malware, patch management, encryption, forensics, etc.).
- Direct work/support experience with R&D functions.
- Experience leading security assessments/security assurance across enterprise architecture layers (data, app, host, middleware, network, infrastructure).
- Solid knowledge of threats, mitigations, and security vendors/technologies.
- Cloud security experience (AWS/Azure/Salesforce).
- Security standards experience (ISO27001, HiTrust, NIST, etc.); CISM/CISSP/ISA-62443 or CISA/CRISC preferred.
- Data visualization exposure (PowerBI/Tableau) and ability to collaborate/influence globally.
Preferred Skills:
Communication, CAPA, Critical Thinking, Information Security Auditing, ISMS, IT Security Assessments/Strategies, Mentorship, Network Optimization, Presentation Design, Process Optimization, Report Writing, Security Policies, Technical Credibility, Technologically Savvy, Training People, Vulnerability Assessments.
Benefits:
- Vacation: 120 hours/calendar year; Sick time: 40 hours/calendar year (state-specific); Holiday pay (including Floating Holidays): 13 days/year; Work/Personal/Family Time: up to 40 hours/year; Parental Leave: 480 hours (within one year); Bereavement Leave; Caregiver Leave; Volunteer Leave; Military Spouse Time-Off.