", "identifier": { "@type": "PropertyValue", "name": "J&J Family of Companies", "value": "439238" }, "datePosted" : "2019-01-10", "employmentType" : "FULL_TIME", "hiringOrganization" : { "@type" : "Organization", "name" : "J&J Family of Companies" }, "jobLocation" : { "@type" : "Place", "address" : { "@type" : "PostalAddress", "addressLocality" : "Tobyhanna", "addressRegion" : "PA", "postalCode" : "18466", "addressCountry": "US" } } } }
[Close] 

IT Senior Manager- Logistics Cybersecurity

Johnson & Johnson is recruiting
for an IT Senior Manager - Logistics
Cybersecurity, Global Supply Chain located in the United States.
As a part of the Information
Security Risk Management Supply Chain group, the IT Senior Manager - Logistics
Cybersecurity, Global Supply Chain is responsible for the development and
implementation of the security program which spans Johnson and Johnson?s logistics
and distribution centers worldwide, including application security,
infrastructure security, industrial IoT, distribution center automation
equipment and ICS and third-party vendor risk.
The role focuses on shaping and
running the cyber security program and team of resources to:
+ Provide consulting to IT and engineering teams on
standards, design, implementation, and testing of secure IT and OT
(ICS/Distribution Centre Automation) and networks and infrastructure.
+ Provide assurance to senior leadership on the cyber
security risk posture of the logistics capabilities within J&J?s
global supply chain, including performing and leading assessments and
design reviews of current and to-be solutions and environments, ranking
risks and providing consulting and guidance on remediation.
+ Shape strategy for security capabilities needed,
influence business funding and adoption and partner in the selection and
deployment of those capabilities.
+ Influence the cyber security strategy for the J&J
global supply chain.
Monitor the industry landscape for
emerging threats, technologies and capabilities.
Key
Responsibilities:
Lead
the execution of the cyber security program for logistics, including:
+ Provide security consulting and design reviews in
support of technology projects
+ Perform assessments of cyber security risk posture of
logistics technology, sites and vendors. Rank risks, provide
solution/remediation guidance and influence adoption. This is across
full-stack Information Technology and Operational Technology solutions
(applications, databases, infrastructure, networks, industrial Internet of
Things, automation equipment), Distribution Center site cyber security and
3rd party cyber security.
+ Manage metrics and dashboards to enable effective
management of risk
+ Build and maintain relationships with senior leaders to
provide assurance on security risk and influence direction of resources to
appropriate mitigations.
Continuously
improve the cyber security program, for example:
+ Support identification and implementation of security
tools and design patterns (e.g. ICE firewall deployments, IDR, AV, SIEM,
deception technology).
+ Develop technical standards, associated training
materials and implementation guidance.
+ Drive process improvements and productivity gains to
drive increasing value from existing resources
+ Coach and
develop the internal team and establish a network of security champions within
the distribution centers globally:
+ Actively
Monitor new threats and vulnerabilities, advising technology teams on
appropriate actions to address them:
Qualifications
+ Bachelor?s Degree or equivalent experience
+ A minimum of 10 years of experience working in IT
and/or Engineering with a security focus is required including hands-on
implementation level understanding of key security technologies and
controls (e.g. remote access, access control, firewalls, IDP/IDR,
anti-malware, patch management, encryption technologies, forensics etc.)
+ Experience analyzing IT and Operational Technology
architecture to identify security gaps and designing solutions is
required.
+ Experience performing security audits and assessments
based on technical security frameworks such as NIST 800-53/800-82, ISO
27001, IEC 62433, RG 5.71, NEI 08-09, etc.
+ Strong knowledge of the security landscape including
trends in process, tooling and threats is required.
+ Understanding of cloud and virtualized environments is
required.
+ Hands-on experience of integration with hospitals and
health-care environments is helpful.
+ Experience of penetration testing and penetration
testing tool is desirable
+ Experience of working within an incident response team
is desirable
+ Demonstrable track record of working within large
projects and handling multiple opposing priorities.
+ Big Picture/Attention to Detail ? align strategic and
tactical security aspects required.
+ Results Orientation/Sense of Urgency ? ability to aim
to tight timelines required.
+ Excellent interpersonal skills required.
+ Creative problem-solving skills required.
+ Customer focus (internal & external) required.
+ Excellent communication skills, able to network,
interface and influence at all levels of the organization, cross sector,
cross-functionally and globally required.
+ Proven ability to influence/collaborate to get to
desired result required.
+ Strong leadership skills required.
+ Legally able to work in the United States (no visa
sponsorship provided).
Travel percentage ? 15% (US domestic
and international)
Johnson & Johnson is an
Affirmative Action and Equal Opportunity Employer. All qualified applicants
will receive consideration for employment without regard to race, color,
religion, sex, sexual orientation, gender identity, age, national origin, or
protected veteran status and will not be discriminated against on the basis of
disability.
Primary Location
United States-New Jersey-Raritan-
Other Locations
North America-United States-Tennessee-Memphis, North America-United States-Florida-Jacksonville, North America-United States-Indiana-Warsaw, North America-United States-California-Fontana, North America-United States-Kentucky-Shepherdsville, North America-United States-Massachusetts-Bridgewater, North America-United States-Pennsylvania-Tobyhanna, North America-United States-Colorado-Monument, North America-United States-Indiana-Mooresville
Organization
Johnson & Johnson Services Inc. (6090)
Job Function
Information Security
Requisition ID
8799181204

Don't Be Fooled

The fraudster will send a check to the victim who has accepted a job. The check can be for multiple reasons such as signing bonus, supplies, etc. The victim will be instructed to deposit the check and use the money for any of these reasons and then instructed to send the remaining funds to the fraudster. The check will bounce and the victim is left responsible.