Director Security Architecture - Security Products

Johnson & Johnson is currently seeking a Director Security Architecture - Security Products to join our ISRM team located in Raritan. At Johnson & Johnson,we believe health is everything.

Our strength in healthcare innovation empowers us to build aworld where complex diseases are prevented, treated, and cured,where treatments are smarter and less invasive, andsolutions are personal.

Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity.

Learn more at https : / / www.jnj.com / . For more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day.

Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world.

Our diverse workforce and culture of belonging accelerate innovation to solve the world's most pressing healthcare challenges. We know that the success of our business - and our ability to deliver meaningful solutions - depends on how well we understand and meet the diverse needs of the communities we serve.

Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued, and our people can reach their potential. At Johnson & Johnson, we all belong. This position involves leading a team of security technology SMEs in shaping & defining global in-depth security product architectures, embedded in the security technology product squads, leading evaluations of new technologies and solution section decision rights, act as a trusted advisor to technology vendors and service providers worldwide, building and maintaining strong relationships to ensure effective global communication, contract management, and vendor relationship management. Role : The Director Security Architecture - Security Products partners closely with ISRM product squads to define and direct the overall technology architecture (enterprise, solution, and technical levels) to ensure effective and efficient protection is in place across all key product areas that have a technology component. This role combines technical expertise, strategic thinking, leadership, and collaboration skills to define and partner with the product squads an integral member of these teams to ensure these robust security technology solutions are implemented on a global scale. The Director will provide visionary leadership to the security technology products architecture team, located across multiple regions, setting clear goals, defining priorities, and ensuring effective resource allocation. Some key responsibility areas of the role include - Security Product Architecture Strategic Leadership Security Technology Planning and Design Security Technology Governance Security Product Performance and Optimization The Director, Security Architecture - security product is a global position and is a key role, will (in partnership with product squads) provide the leadership role in new technology selection, providing global technical assessment, proof-of-concept, and vendor evaluation processes to select and drive the implementation of security technology products that best meet the global security strategy needs. In summary, this position involves leading a team of security technology SME's in shaping & defining global in-depth security product architectures, embedded in the security technology product squads, leading evaluations of new technologies and solution section decision rights, act as a trusted advisor to technology vendors and service providers worldwide, building and maintaining strong relationships to ensure effective global communication, contract management, and vendor relationship management.

• Bachelor's degree in computer science, Information Security, or a related field.
• 15 years of Information Security experience, 6 years of experience leading a technical security area as the SME
• In-depth Knowledge of Security Frameworks and Standards
• A strong understanding of various security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, CIS Controls, and SOC2.
• Familiarity with industry-specific security standards, regulations, and requirements, (e.g., PCI DSS, HIPAA, GDPR, GxP etc.).
• Proficiency in Security Architecture and Design :
• Knowledge and experience in designing and implementing secure architectures for complex systems, networks, and applications.
• In-depth and practical Knowledge across key Security Technologies
• Comprehensive knowledge of a wide range of security technologies, tools, and solutions, including firewalls, intrusion detection / prevention systems, encryption, identity, and access management (IAM), vulnerability management, Secure Access Service Edge (SASE), Cloud Access Security Brokers (CASB), and Cloud Security Posture Management (CSPM) and endpoint protection.
• Experience in managing technology vendors worldwide, conducting global vendor evaluations, and negotiating contracts and service level agreements.
• Knowledge of security audit methodologies, controls testing, and remediation planning.
• Excellent written and verbal communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
• A strong commitment to staying updated with the latest industry trends, security research, emerging threats, and evolving standards.
• Demonstrated ability to adapt to changing security landscapes, evolving technologies, and new regulatory requirements.
• Strong analytical and problem-solving skills, with the ability to identify potential security risks or weaknesses and develop effective strategies for mitigation.
• Demonstrated ability to lead and manage cross-functional teams, including providing guidance, mentoring, and support to less experienced security professionals.
• Proven leadership experience, with the ability to build and lead a high-performance cloud security team.
• Effectively works with virtual, global teams - including diverse groups of people with varied backgrounds and cultural experiences. Preferred Knowledge, Skills and Abilities :
• MS and / or advanced degree preferred.
• Certifications in related areas (e.g.

SANS GPEN / GWAPT / GXPN, OSCP, CEH) are a plus

Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan.

The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar / performance year.

Bonuses are awarded at the Company's discretion on an individual basis.

https : / / www.careers.jnj.com / employee-benefits The compensation and benefits information set forth in this posting applies to candidates hired in the United States.

Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.

Salary : $142,000 - $244,950