Threat Detection & Response Manager

Role Summary

Threat Detection & Incident Response Manager to join Johnson & Johnson's global cybersecurity efforts. You will investigate and respond to IT security incidents with timely validation, containment, and recovery. The role requires deep knowledge of digital forensics, incident response, and leading major incident management. Location: Raritan, NJ or fully remote in the U.S., with collaboration across ISRM stakeholders.

Responsibilities

• Digital Forensics and Incident Response. Perform active investigation and response to IT security alerts and incidents. Perform root cause analysis and remediation of material security risks.
• Major Incident Response. Support major incident response activities as either an individual contributor (performing digital forensics and incident response) or response commander (performing overall leadership and management of the major incident). Engage various stakeholders inside and outside of IT/Security, and provide status updates to leadership. Participate in on-call rotation to receive and review incident escalations ahead of major incident response team activation.
• Evaluate and implement enhancements to tooling, documentation/runbooks, detection logic, and/or implement proactive improvements to prevent or detect future incidents.
• Team Development. Mentor and develop team members, fostering a culture of innovation and continuous improvement.
• Tool Evaluation and Selection. Evaluate and recommend cybersecurity tools and technologies that enhance response capabilities.
• Risk Management. Identify potential risks and vulnerabilities in systems and processes and coordinate mitigation of them.
• Threat Intelligence and Analysis. Utilize threat intelligence to inform response efforts and to bolster proactive defense measures.

Qualifications

• Required: 8 years of experience in digital forensics and incident response.
• Required: Digital forensics tools and techniques.
• Required: Incident response including major incident leadership.
• Required: Technical writing and communication.
• Required: Cyber defense frameworks (NIST, ISO, CIS).
• Required: SIEM tools (Splunk, Sentinel).
• Required: Programming or scripting (PHP, Python, JavaScript).

Skills

• Preferred: Business Process Design
• Preferred: Crisis Management
• Preferred: Critical Thinking
• Preferred: Information Security Auditing
• Preferred: Information Security Management System (ISMS)
• Preferred: Information Technology (IT) Security Assessments
• Preferred: Information Technology Strategies
• Preferred: Mentorship
• Preferred: Organizing
• Preferred: Presentation Design
• Preferred: Process Optimization
• Preferred: Root Cause Analysis (RCA)
• Preferred: Security Architecture Design
• Preferred: Security Policies
• Preferred: Technical Credibility
• Preferred: Vulnerability Management

Education

• A bachelor's degree or equivalent experience required.