Sr. Manager, Cybersecurity - SAP

Johnson & Johnson is recruiting for a Cybersecurity Sr. Manager, J&J Innovative Medicines Transcend. The location for this role is based in Titusville, NJ.

Johnson & Johnson is the world's most comprehensive and broadly-based manufacturer of health care products and related services, for the pharmaceutical and medical devices markets. Johnson & Johnson has been caring for the world one person at a time for over 125 years. The people of the Johnson & Johnson family of companies are inspired and united working with partners in healthcare touching the lives of over a billion people throughout the world. Johnson & Johnson embraces research and science bringing innovative ideas, products and services forward to advance the health and well-being of people everywhere.

Johnson & Johnson thrives on a credo-based company culture, celebrating the uniqueness of our employees and is committed to diversity and inclusion. We are proud to be an equal opportunity employer!

The Cybersecurity Sr. Manager, Information Security & Risk Management (ISRM) Innovative Medicines Transcend is a self-starter who enjoys a fast-paced environment and is looking for opportunity to make a difference in the implementation of a revolutionizing program. They will have responsibility for all aspects of identifying and leading IT controls and Cybersecurity risks related to the multi-million dollars, multi-year deployment of the Innovative Medicine Sector ERP ground-breaking program (TranSCend). This individual will serve as the focal point for all cybersecurity and IT internal control matters related to the program.

The candidate is an SAP S/4 HANA and IT controls domain expert that will work in close collaboration with the TranSCend IM Global Transformation project team and business leaders to ensure a robust, lean and compliant implementation including the deployment of the business user access management governance framework.

Responsibilities:

• The main responsibility will be to support all aspect of IT controls and cybersecurity for the Transcend program implementation.
• Lead the design of cybersecurity controls, ensure proper design implementation and assurance testing.
• Accountable for identifying risks related to the deployment prior to go-live and ensuring that appropriate mitigation/remediation plans are in place.
• Lead the strategy for handling the different audit and IT SOX compliance activities
• Understand and promote risk management activities associated with external regulations and internal Johnson & Johnson policies such as IAPP, GxP, SOX, and GDPR
• Provide assurance to program leadership on the cybersecurity risk posture of the eco-system and processes, including performing and leading vendor/application assessments, design reviews, ranking risks, and consulting on remediation strategies.
• Facilitate education and training to the program team on cybersecurity and internal control procedures and controls.
• Communicate valuable metrics to senior leadership, including timely visibility of security incidents, vulnerabilities and issues.
• Plan and prioritize the integration of security measures in business projects during the design, development, and deployment phases.

Qualifications

• Bachelor's degree is required. Advanced degree in cybersecurity or other relevant disciplines is preferred but not required.
• A minimum of 7 years of progressive experience in leadership roles within Cybersecurity, Technology or relevant discipline is required.
• Deep understanding of cybersecurity internal controls and concepts
• Knowledge of security control framework and application in security by design is a MUST.
• Experience with SOX compliance, internal controls/Auditing/Testing of IT controls is a MUST.
• Knowledge of Cloud security and internal controls in SAP S/4Hana environment is a MUST.
• Solid grasp of current security threats, mitigation measures, and security vendors/technologies is required.
• Experience in identifying key security risks, and security controls, and providing consulting services to customers throughout the application implementation process is required.
• Experience working in fast-paced environments is required.
• Previous experience developing effective and strong partnerships is required.
• Superb communication and collaboration skills, ability to network and influence all levels is a MUST.
• Foundational knowledge of regulatory requirements (e.g., SOX404, Privacy, HIPAA, GxP, cyber regulations) is preferred.
• Creative problem-solving skills and understanding of complex environments (data, application, middleware, network) is preferred.
• Security certifications such as CRISC, CISSP, CCSP, ISSAP, CISM, etc. are preferred.

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

The anticipated base pay range for this position is $118,000 to $203,550.

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis.

Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits

#JNJTech