Director Cybersecurity - Supply Chain

J&J Family of Companies - Director Cybersecurity - Supply Chain

Location : Lincoln, Nebraska

Is this your next job Read the full description below to find out, and do not hesitate to make an application.

Job Code : 2406216036W

Description

Johnson & Johnson is currently seeking a Director, Cybersecurity for MedTech Supply Chain shared sites & capabilities part of Information Security & Risk Management (ISRM) organization.

This position can be based in Raritan, New Jersey or remotely in the US.

This candidate will have a diverse background with strong business acumen, technology, and security expertise. He / she will be a strategic thinker who leads with impact inclusively, driving intentional change proactively, and be result driven keeping up with industry trends in cybersecurity.

This role will embed directly with our JJT and MedTech Supply Chain teams providing the security posture and the end-to-end security portfolio / capability roadmap to improve, identify, and remediate cybersecurity vulnerabilities.

You will manage and inspire a team of 3-5 direct reports through authentic leadership, driving results, and showing dedication to our Credo.

Your site scope includes global accountability for 85 internal shared Distribution and Manufacturing sites with direct responsibility for North America distribution sites shared MedTech applications inclusive of Sarbanes-Oxley accountability for MedTech strategic programs ensuring security by design.

Responsibilities :

Provide early / proactive engagement with project teams to drive business understanding of the security capabilities and services needed for the project;

E2E support for large programs.

• Shape and drive the OT capability and drive CSRI security adoption across MedTech sites to secure IT / OT assets and enable safe & secure innovation.
• Provide tailored security guidance (based on risk and complexity) - Interpret & apply the IAPP requirements and standards for unique OT (Operational Technology) initiatives and cutting-edge or OT Specific technologies.
• Lead the cyber operational portfolio from identification >

consulting remediation plan >

completion partnering across ISRM, business, and technology teams.

• Establish data analytics to provide security posture across business units, functions, and sites.
• Proactively promote the importance of cybersecurity across the sector and sites.
• Build a community of practice (CoP) across CoEs (MT, IM, Corporate) to discuss SOX changes, IT / OT new technologies, and tools to share experiences and learnings.
• Assist the Security Operations Center (SOC) with security incident investigation activities; work closely with business teams to support affected users and provide liaison with central investigation team.
• Drive business understanding of critical cybersecurity regulations and ensuring solutions are compliant (NIST, NIS2, Safe Data, etc.).
• Support the global deployment of security initiatives with awareness sessions, identify alternative ways of working to avoid business disruptions and review exception requests.
• Provide audit support as the liaison between GAA / JJRC and JJT / Business from pre-work to consulting remediation plans.

Qualifications

• 10 years of related experience in leadership and execution roles within Cybersecurity and a background in Supply Chain required.
• Bachelor’s degree in the field of computer science, information technology, business administration, or another rigorous discipline is required. MBA preferred.
• 7 years of experience in design and implementation of enterprise (security) architecture, cloud security (e.g. AWS, Azure) and / or development of IT solutions or services required.
• Certifications in cybersecurity (CISM, CISSP, ISA-62443), audit (CISA), manufacturing or risk management (CRISC) are required.
• Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross sector, cross-functionally and globally.
• Strategic mindset to develop capability roadmaps that will enable proactive reliability through data & automation.
• Experience in working / securing various levels of the enterprise architecture (data, application, host, middleware, network, Infrastructure).
• Solid understanding of current security threats, mitigation measures and security vendors / technologies.
• Strong understanding of security data protection and capabilities in a manufacturing and / or distribution site is required.
• Direct working and / or supporting experience of Supply Chain applications is required; Sarbanes-Oxley compliance and audit is preferred.
• Understanding of IEC 62443 and NIST 800-53 required.
• Leading diverse team members with varying cybersecurity experience and proficient in resource allocation and planning to meet business needs.
• Big picture perspective and attention to detail focus to align strategic and tactical security aspects.
• Ability to collaborate, network and influence all levels of the organization, cross sector, cross-function and global and establish oneself as an inspiring leader with expertise in space.
• Fluency in Spanish is a plus.

Equal Opportunity Employer

Johnson & Johnson Family of Companies are equal opportunity employers. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status or any other characteristic protected by law.

We will ensure individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions and to receive other benefits and privileges of employment.

Please contact us to request accommodation.

Compensation and Benefits

The anticipated base pay range for this position is $142,000 to $244,950. The Company maintains highly competitive, performance-based compensation programs.

Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan.

Employees and / or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs : medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.

Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).

This position is eligible to participate in the Company’s long-term incentive program.

Employees are eligible for the following time off benefits :

• Vacation up to 120 hours per calendar year
• Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington up to 56 hours per calendar year
• Holiday pay, including Floating Holidays up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year

Additional information can be found through the link below : Employee Benefits

Primary Location : NA-US-New Jersey-Raritan

Other Locations : NA-United States

Organization : Johnson & Johnson Services Inc. (6090)

J-18808-Ljbffr