Sr. Manager, Supply Chain Cybersecurity

Johnson & Johnson
4 hours ago
Remote friendly (Raritan, NJ)
United States
IT
Responsibilities:
- Provide early/proactive engagement with project teams to drive business understanding and execution of security capabilities/services; end-to-end support for large programs.
- Perform cybersecurity risk assessments of IT/OT assets within manufacturing sites.
- Drive cybersecurity capability adoption across Surgery sites to secure IT/OT assets and enable safe, secure innovation.
- Provide tailored security guidance by interpreting/applying internal security requirements and standards for IT/OT initiatives and OT-specific technologies.
- Lead the cyber operational portfolio from identification to consulting remediation plan to completion, partnering across ISRM, business, and technology teams.
- Establish data analytics to provide security posture across Surgery business units/functions/sites.
- Proactively promote cybersecurity importance across the sector and sites.
- Assist the Security Operations Center (SOC) with security incident investigation; support affected users and liaise with central investigation teams.
- Drive business understanding of critical cybersecurity regulations and ensure solutions are compliant (e.g., NIST, NIS2, Safe Data).
- Support global deployment of security initiatives (awareness sessions, alternative ways of working to avoid disruptions, review exception requests).
- Provide audit support as liaison between audit, technology, and business from pre-work through consulting remediation plans.

Qualifications:
- 8+ years of cybersecurity leadership/execution experience with a background in Supply Chain (required).
- Bachelor’s degree in computer science, information technology, business administration, or another rigorous discipline (required); MBA preferred.
- 6+ years hands-on experience delivering technology and cybersecurity design/capabilities (required).
- Preferred certifications: CISM, CISSP, ISA-62443; audit (CISA); manufacturing/risk management (CRISC).
- Excellent communication/collaboration; ability to network, interface, and influence globally across functions.
- Strategic mindset to develop capability roadmaps enabled by data and automation.
- Experience securing various enterprise architecture layers (data, application, host, middleware, network, infrastructure).
- Solid understanding of security threats, mitigation, and security vendors/technologies.
- Required: security data protection understanding in a manufacturing and/or distribution site.
- Required: direct/support experience with Supply Chain applications; Sarbanes-Oxley compliance/audit preferred.
- Required: understanding of ISA/IEC 62443, NIST 800-53, NIST 800-82.
- Ability to lead diverse team members, including resource allocation and planning.
- Big-picture and detail-oriented approach to align strategic and tactical security aspects.
- Preferred: AI fluency/background in AI use cases.

Required Skills:
- Cybersecurity
- Supply Chain

Preferred Skills:
- AI fluency/background in AI use cases

Benefits (if applicable as stated):
- Vacation: 120 hours per calendar year
- Sick time: 40 hours per calendar year (48 in CO; 56 in WA)
- Holiday pay incl. Floating Holidays: 13 days per calendar year
- Work, Personal and Family Time: up to 40 hours per calendar year
- Parental Leave: 480 hours within one year of birth/adoption/foster care
- Bereavement Leave: 240 hours immediate family; 40 hours extended family per calendar year
- Caregiver Leave: 80 hours in a 52-week rolling period
- Volunteer Leave: 32 hours per calendar year
- Military Spouse Time-Off: 80 hours per calendar year

Application instructions (access/accommodation related):
- If you need an accommodation for the interview process: external applicants contact https://www.jnj.com/contact-us/careers; internal employees contact AskGS.