Director, Product Security Program Operations

Director, Product Security Program Operations - 2406216038WDescriptionJohnson and Johnson is currently recruiting for a Director, Product Security Program Operations within the Johnson & Johnson Technology (JJT) organization.

This role will be based in Milpitas, CA, Raritan, NJ or remote US.At Johnson & Johnson, we believe health is everything.

Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated and cured, where treatments are smarter and less invasive and solutions are personal.

Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for humanity.

Learn more at .The Director, Product Security Program Operations will be responsible for implementation of the ISRM enterprise Product Security strategy and framework.

This includes identifying key strategy and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to MedTech leadership, identifying communications plans and raising overall awareness of the capability.

Specific responsibilities include supporting MedTech business units throughout a new product’s development phases, review product security requirements and recommend security design solutions, ensure the franchises meet regulatory expectations in the QMS.

Key Responsibilities : Position J&J as a leading voice and expert in medical device product security across all MedTech business unitsEnsure the ISRM product security program is integrated into all business unit Quality Management systemsCreate, publish and regularly review vulnerability management metrics to drive timely patching across the portfolio of software enabled medical devices and connected digital health solutionsOversee internal penetration testing capability, including product security lab environmentBuild trust and relationships with global stakeholders, government agencies, and regulators, to ensure confidence in program and productsDrive and shape messaging, policies, and strategic initiatives related to product securityDrive global harmonization of requirements to streamline a shift left mentalityMonitor global regulatory environment trends and changing requirements for product securityBuild relationships and internal network to share information and lead initiatives to carry out strategyThis includes leveraging government affairs, regulatory, legal, quality, R&D and other key resources to support strategic policy initiativesSupport ongoing SOC-2, HIPAA and other internal and external assessments and certifications.

Other MedTech cybersecurity related duties as neededQualificationsEducation : 10 years of experience with a bachelor’s degree or 8 years of experience with an advanced degreeExperience and Skills : Required : 5 Years of Management ExperienceExperience with technical regulatory topics and strong working knowledge of device regulatory requirementsThe ideal candidate is one that is a leader in the medical device regulatory, healthcare and cybersecurity policy spaceMedical device technology may include areas such as artificial intelligence, software medical devices, among other related areasAbility to synthesize and present on complex technical topicsStrong networking and diplomacy skills, ability to build and foster relationship with internal and external regulatory decision makers and industry networks globallyUnderstanding of Quality Design Control processes and FDA submission processes.

Experience with web applications and server hardening (i.e. AWS, Azure) including knowledge of OWASP Top 10 and blue teaming techniquesHands-on experience with software security tools and platforms like Checkmarx, Black Duck, Jfrog Xray, etc.

Hands-on experience with vulnerability assessment tools Qualys, Nexpose, etc.Software development experienceInnovative and strategic thinkerSelf-starter and proven leaderDemonstrated ability to be flexible and take a proactive approach to managing changeExcellent written and verbal communication skillsExperience working in a highly regulated industryPreferred : Experience leading or participating in formal audits (i.

e. FDA, TUV, MDR)Knowledge of product or medical device security or MDDS platforms.Working knowledge of microservices architecture and API security.

Experience working within Agile methodologyOther : Proficiency in EnglishLimited travel required, up to 25%, including international travel.

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.

careers.jnj.com.We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment.

Please contact us to request accommodation.The anticipated base pay range for this position is $142,000 to $244,950.The Company maintains highly competitive, performance-based compensation programs.

Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan.

The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar / performance year.

Bonuses are awarded at the Company’s discretion on an individual basis.Employees and / or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs : medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.

Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).

This position is eligible to participate in the Company’s long-term incentive program.Employees are eligible for the following time off benefits : Vacation up to 120 hours per calendar yearSick time - up to 40 hours per calendar year;

for employees who reside in the State of Washington up to 56 hours per calendar yearHoliday pay, including Floating Holidays up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar yearAdditional information can be found through the link below.

The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.

JNJTech#LI-RemotePrimary Location NA-US-New Jersey-RaritanOther Locations NA-United States, NA-US-California-MilpitasOrganization Johnson & Johnson Services Inc.

6090)Job Function Security & ControlsReq ID : 2406216038W