Sr Manager, Product Security Risk Management Engineer

Location: Raritan, NJ, Irvine, CA or remote US.

Job Title: Sr Manager, Product Security Risk Management Engineer

Description

Johnson and Johnson is currently recruiting for a Senior Manager, Product Security Risk Management Engineer within the Johnson & Johnson Technology (JJT) organization.

The Senior Manager, Product Security Risk Management Engineer will be responsible for implementation of the ISRM Product Security Risk Management Process. Responsibilities include identifying key strategies and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to MedTech management, and raising overall awareness of the capability.

Key Responsibilities:

1. Integrate vulnerability management and lead initiatives to bolster cybersecurity resiliency across the MedTech business.
2. Mature ISRM product security vulnerability risk management process and drive changes into Business Unit Quality Management Systems.
3. Develop and lead risk analysis whenever high exploit vulnerabilities occur.
4. Create risk management metrics and related documentation.
5. Ensure standardization of security reviews and identification of security gaps.
6. Lead the creation of product security vulnerability management strategy and training.
7. Identify key tooling for vulnerability identification through the total product lifecycle.
8. Lead the ISRM MedTech Coordinated Vulnerability Disclosure Process.

Qualifications

Required:

1. Bachelor’s degree or equivalent in computer science or similar engineering discipline.
2. Minimum 10 years relevant experience, or equivalent combination of education/experience.
3. Must be a subject matter expert in vulnerability management.
4. CISSP or related subject matter expertise certifications.
5. Experience with SBOM creation/scanning automation.

Preferred:

1. Experience in APIs Security, vulnerability scan, compliance and threat detection.
2. Experience with API security testing and compliance reporting.
3. Excellent analytical, written, and verbal communication skills.
4. Comfortable with conflicts and capable of influencing cross-functional teams.
5. Any programming or integration experience is beneficial.

Limited travel required, up to 10%, including international travel.

Compensation and Benefits:

The anticipated base pay range for this position is $118,000 to $203,550. Employees may be eligible for performance-based compensation programs, including annual performance bonuses and various employee benefit programs.

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer.

#JNJTech

Primary Location: Raritan, NJ

Other Locations: United States, California-Irvine

Organization: Johnson & Johnson Services Inc.