Cybersecurity Lead MedTech R&D
Johnson & Johnson
5 hours ago
Remote
United States
IT
Job Description (Cybersecurity Lead) for MedTech R&D (ISRM), supporting Electrophysiology. Partner with Technology and Business to lead security culture changes, provide security guidance for innovative technology solutions, secure IT/OT assets, and protect IP across R&D labs and workspaces. Location: Raritan, NJ or Irvine, CA, or remotely in the US.
Responsibilities:
- Proactively engage project teams to execute required security capabilities/services; end-to-end support for large programs.
- Provide risk-based security guidance; interpret and apply IAPP requirements/standards.
- Drive cybersecurity adoption across R&D labs and sites to secure IT/OT assets and enable safe innovation.
- Lead the cyber operational portfolio (identify β consulting remediation plan β completion) across ISRM, business, and technology teams.
- Establish data analytics to report security posture across business units/functions/sites.
- Support SOC incident investigations; liaison with central investigation team.
- Ensure compliance with critical cybersecurity regulations (NIST, NIS2, Safe Data, etc.).
- Support global deployment of security initiatives (awareness sessions, avoid disruptions, review exception requests).
- Drive/manage security gap assessments and remediation; support R&D portfolio integration for key acquisitions.
Qualifications:
- Bachelorβs degree in CS/IT/cybersecurity/business administration or related rigorous discipline.
- 5+ years in IT/OT and/or engineering security focus; hands-on security controls (access control, IDP/IDR, anti-malware, patch management, encryption, forensics, etc.).
- Direct experience supporting Research & Development functions.
- Experience leading security assessments and security assurance across data/application/host/middleware/network/infrastructure.
- Solid understanding of security threats, mitigations, and security vendors/technologies.
- Cloud security experience (AWS, Azure, Salesforce).
- Security standards experience (ISO27001, HiTrust, NIST, etc.); certifications preferred (CISM/CISSP/ISA-62443, CISA, CRISC).
- Awareness of security trends; knowledge of PowerBI/Tableau or similar.
- Ability to collaborate, network, and influence globally across functions.
Preferred Skills:
- Communication; CAPA; Critical Thinking; Information Security Auditing; ISMS; IT Security Assessments; IT Strategies; Mentorship; Network Optimization; Presentation Design; Process Optimization; Report Writing; Security Policies; Technical Credibility; Technologically Savvy; Training People; Vulnerability Assessments.
Responsibilities:
- Proactively engage project teams to execute required security capabilities/services; end-to-end support for large programs.
- Provide risk-based security guidance; interpret and apply IAPP requirements/standards.
- Drive cybersecurity adoption across R&D labs and sites to secure IT/OT assets and enable safe innovation.
- Lead the cyber operational portfolio (identify β consulting remediation plan β completion) across ISRM, business, and technology teams.
- Establish data analytics to report security posture across business units/functions/sites.
- Support SOC incident investigations; liaison with central investigation team.
- Ensure compliance with critical cybersecurity regulations (NIST, NIS2, Safe Data, etc.).
- Support global deployment of security initiatives (awareness sessions, avoid disruptions, review exception requests).
- Drive/manage security gap assessments and remediation; support R&D portfolio integration for key acquisitions.
Qualifications:
- Bachelorβs degree in CS/IT/cybersecurity/business administration or related rigorous discipline.
- 5+ years in IT/OT and/or engineering security focus; hands-on security controls (access control, IDP/IDR, anti-malware, patch management, encryption, forensics, etc.).
- Direct experience supporting Research & Development functions.
- Experience leading security assessments and security assurance across data/application/host/middleware/network/infrastructure.
- Solid understanding of security threats, mitigations, and security vendors/technologies.
- Cloud security experience (AWS, Azure, Salesforce).
- Security standards experience (ISO27001, HiTrust, NIST, etc.); certifications preferred (CISM/CISSP/ISA-62443, CISA, CRISC).
- Awareness of security trends; knowledge of PowerBI/Tableau or similar.
- Ability to collaborate, network, and influence globally across functions.
Preferred Skills:
- Communication; CAPA; Critical Thinking; Information Security Auditing; ISMS; IT Security Assessments; IT Strategies; Mentorship; Network Optimization; Presentation Design; Process Optimization; Report Writing; Security Policies; Technical Credibility; Technologically Savvy; Training People; Vulnerability Assessments.