Talent.com
MedTech Product Security Manager

MedTech Product Security Manager

Johnson & JohnsonAlexandria, VA, United States
23 hours ago
Job type
  • Full-time
Job description

Overview

Join to apply for the MedTech Product Security Manager role at Johnson & Johnson . The role is based in Milpitas or Irvine, CA. Remote work options may be considered on a case-by-case basis and if approved by the Company. Up to 10% travel may be required.

Job Function

R&D Product Development

Job Sub Function

R&D Software / Systems Engineering

Job Category

Scientific / Technology

Locations

Milpitas, CA; Irvine, CA; remote options on approval

Responsibilities

  • Supporting JJV throughout a new products development phases
  • Review product security requirements and recommend security design solutions
  • Help complete Quality documentation, threat modelling, penetration testing, software architecture review and design recommendations, code analysis and other security testing or work as needed
  • Post market responsibilities for JJV marketed devices include monitoring for new vulnerabilities, assisting with patching and remediation plans, as well as responding to all customer security questionnaires and reviewing security language within contractual agreements
  • Drive adherence to J&J Product Securitys overarching framework
  • Champion Product Security strategy and objectives within JJV
  • Partner with internal organizations to enhance existing processes and policies
  • Create and present Product Security metrics to management
  • Implement and enforce Product Security governance model for JJV pre and post market medical devices
  • Perform automated code scanning and coordinate formal security testing
  • Respond to customer cybersecurity questionnaires and contractual language for all post-market medical devices
  • Other MedTech cybersecurity related duties as needed

Qualifications

  • Required : 8 years IT or cybersecurity experience
  • Bachelors degree or equivalent
  • Minimum 8 years of progressive leadership experience in information technology or cybersecurity
  • Threat modelling experience
  • Data privacy experience, including GDPR and CCPA
  • Understanding of HIPAA / HITRUST & ISO 27001
  • Understanding of penetration testing, vulnerability scanning, CVSS and / or other security testing principles
  • Ability to work autonomously and proactively seek out security opportunities
  • Knowledge of operating systems (e.g., QNX, Windows Embedded) hardening techniques
  • Ability to create and deliver cybersecurity awareness campaigns and communications
  • Ability to translate technical security requirements into solutions
  • Ability to provide secure coding recommendations
  • Experience leading large projects and tracking security timelines
  • Ability to write technical security requirements for embedded systems and web platforms
  • Creative problem-solving and customer-focused mindset
  • Excellent communication and collaboration skills across levels and functions
  • Strong leadership skills

    • Preferred

  • Experience with formal security audits (HITRUST, SOC2, FedRAMP)
  • FDA or global regulatory cybersecurity guidance familiarity
  • Experience with web applications and server hardening (AWS, Azure); knowledge of OWASP Top 10 and blue-teaming
  • Cybersecurity pre-sales experience
  • Software development experience
  • CISSP or other security certification
  • MS or advanced degree

    • Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

    Johnson and Johnson is committed to providing an inclusive interview process. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center or AskGS for accommodation resources.

    #JNJTECH

    The anticipated base pay range for this position is : $114,000 - $197,800 (Bay Area); $100,000 - $172,500 (all other areas)

    Additional pay and benefits information : The Company maintains competitive, performance-based compensation programs. Bonuses may be awarded at the Companys discretion. Eligible benefits include medical, dental, vision, life insurance, disability, retirement plans, paid time off, and more, per location. Details at the link below.

    Equal Opportunity Employer information continued. This posting contains information about pay ranges and benefits that apply to candidates hired in the United States; other regions may differ.

    #J-18808-Ljbffr

    Create a job alert for this search

    Medtech • Alexandria, VA, United States