Sr. Manager Cyber Security
Raritan, NJ

Job Description

Johnson & Johnson is currently recruiting for a Sr. Manager, Cyber Security Incident Response within its Information Security and Risk Management (ISRM) group. This position will be based out of Raritan, NJ.

Johnson & Johnson, through its operating companies, is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices and diagnostics markets. We strive to provide scientifically sound, high quality products and services to help heal, cure disease and improve the quality of life.

Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 130 years. We embrace research and science -- bringing innovative ideas, products and services to advance the health and well-being of people.

With $81.6 billion in 2018 sales, Johnson & Johnson is the world's most comprehensive and broadly-based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. There are more than 250 Johnson & Johnson operating companies employing over 125,000 people and with products touching the lives of over a billion people every day, throughout the world. If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen.

Growing with a diverse company culture, celebrating the uniqueness of our employees and committed to inclusion. Proud to be an equal opportunity employer.

Johnson & Johnson recognizes that information is a critical business asset and that our ability to lead, control and protect this asset will have a direct and significant impact on our success as a business. The Sr. Manager - Incident Response will be a member of the Cyber Security Operations Center whose responsibilities include incident response, forensics, insider threat investigation, malware analysis, root cause analysis, hunting capabilities and case support. You will lead all escalated threat activities and ensure that appropriate internal processes are developed and followed for all threat response activities. In addition, the Manager will have superb communication (oral and written) skills, leaderships skills and business relationship skills to coordinate all remediation efforts during a security incident. Collaborate with other ISRM team members to provide guidance in remediation of security findings.

Responsibilities:

* Incident Response Activities - You will lead remediation efforts during incident response activities and established escalation procedures.
* Think strategically in identifying improvement opportunities to drive the team strategy and vision.
* Support project teams and colleagues on security issues and related internal control gaps.
* Partner with IT contacts, end users and ISRM during response activities.
* Identify root cause through malware analysis.
* You will advise the company on the findings of investigations and liaise with law enforcement as necessary
* Lead highly sensitive, complex, and confidential cyber investigations into incidents of data loss and intellectual property theft, technology misuse, and conflict of interest
* Solve complex problems with data from various sources and provide recommendations to leadership on the appropriate strategy
* Effectively communicate at all levels of the company, including at Executive level
* Possess a solid understanding of analytic tradecraft, deductive reasoning, and critical thinking skills
* Knowledge of incident handling and incident response. Experience providing intelligence analysis support as part of a team that performs in-depth technical analysis of network intrusion incidents
* Ability to write threat intelligence briefings for senior management.
* Insider Threat Investigations and Hunting Activities - Conduct forensic investigations using forensic tools such as EnCase, Intella, Cellebrite, etc.
* Analyze systems identified as potentially compromised.
* Partner with Business leaders including Human Resources, Legal, Internal Audit, etc.
* Metrics - Identify and communicate Key Performance Indicators to highlight improvement opportunity areas and trending data.
* Create or update procedural documentation on incident response activities and overall team improvement opportunities.
* Perform other work-related duties as assigned.

Qualifications

* A Bachelor's degree is required.
* Minimum of 12+ years of overall professional IT experience
* Minimum of 8 years of IT Security experience with 5 years in Incident Response
* Experience in Forensically collecting and handling electronic data as well as working knowledge of investigative tools
* Demonstrated knowledge of corporate investigation strategies utilizing technical forensic capabilities and data
* Demonstrated experience of regular communication at executive level within a global corporate environment
* You will have experience working in a Security Operations Center (SOC), Managed Security Service (MSS), or enterprise network environment
* Knowledge of incident response processes
* Good communication, influencing and presentation skills
* Strong collaboration, leadership and business relationship skills
* Possessing the credibility and presence to act as an authority
* Demonstrated experience in the creation and "maintenance" of operational documentation such as Standard Operating Procedures (SOP) and/or Work Instructions (WI) is helpful
* Strong IT experience and the ability to articulate the relationship between the various data sources
* Demonstrated time management ability, juggling multiple priorities over spans of time
* Demonstrated effectiveness within large, diverse, operating environments and the ability to influence others
* Any of the following Certifications- CISSP, CISM, GCIH, GCFE or equivalent is required

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Primary Location

United States-New Jersey-Raritan-

Organization

Johnson & Johnson Services Inc. (6090)

Job Function

Information Security

Requisition ID

8467190627