Sr. Manager, Supply Chain Cybersecurity

Johnson & Johnson
4 hours ago
Remote friendly (Athens, GA)
United States
IT
Sr. Manager, Supply Chain Cybersecurity (Surgery Supply Chain ISRM)

Responsibilities:
- Provide early/proactive engagement with project teams to execute required security capabilities and services (end-to-end support for large programs).
- Perform cybersecurity risk assessments of IT/OT assets at manufacturing sites.
- Drive cybersecurity capability adoption across Surgery sites to secure IT/OT assets and enable safe/secure innovation.
- Provide tailored security guidance by interpreting/applying internal security requirements and standards for IT/OT initiatives and OT-specific technologies.
- Lead the cyber operational portfolio from identification, through consulting on remediation plans, to completion, partnering across ISRM, business, and technology teams.
- Establish security posture data analytics across Surgery business units, functions, and sites.
- Promote the importance of cybersecurity across the sector and sites.
- Support Security Operations Center (SOC) incident investigation activities; liaise with central investigation teams and support affected users.
- Ensure compliance with critical cybersecurity regulations (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives via awareness sessions; identify alternatives to avoid disruptions; review exception requests.
- Provide audit support as liaison between audit, technology, and business from pre-work through remediation plans.

Qualifications:
- 8+ years of cybersecurity leadership/execution experience with supply chain background required.
- Bachelor’s degree in computer science, information technology, business administration, or related rigorous discipline required; MBA preferred.
- 6+ years hands-on experience delivering technology and cybersecurity design/capabilities required.
- Preferred certifications: CISM, CISSP, ISA-62443; CISA; CRISC.
- Excellent communication/collaboration; ability to network and influence across all organizational levels globally and cross-functionally.
- Strategic mindset to develop capability roadmaps enabling proactive reliability via data and automation.
- Experience securing various enterprise architecture layers (data, application, host, middleware, network, infrastructure).
- Solid understanding of security threats, mitigation measures, and security vendors/technologies.
- Strong understanding of security data protection capabilities in manufacturing and/or distribution sites required.
- Direct/support experience with supply chain applications; Sarbanes-Oxley compliance/audit preferred.
- Required knowledge of ISA/IEC 62443, NIST 800-53, and NIST 800-82.
- Ability to lead diverse teams; resource allocation and planning.
- Big-picture and detail-oriented approach to align strategic and tactical security needs.
- AI fluency/background in AI use cases preferred.

Required Skills:
- Cybersecurity
- Supply Chain

Preferred Skills:
- AI use cases background

Benefits (if eligible, per terms/policy and date of hire):
- Vacation: 120 hours/year
- Sick time: 40 hours/year (CO: 48; WA: 56)
- Holiday pay (incl. Floating Holidays): 13 days/year
- Work, Personal and Family Time: up to 40 hours/year
- Parental Leave: 480 hours within one year of birth/adoption/foster care
- Bereavement Leave: 240 hours (immediate family) / 40 hours (extended family) per year
- Caregiver Leave: 80 hours in a 52-week rolling period
- Volunteer Leave: 32 hours/year
- Military Spouse Time-Off: 80 hours/year