OT Cybersecurity Manager

at  Johnson Johnson

Warszawa, mazowieckie, Poland -

Start DateExpiry DateSalaryPosted OnExperienceSkillsTelecommuteSponsor Visa
Immediate25 Jan, 2025Not Specified26 Oct, 2024N/ATechnology,Iec,Patch Management,Nist,Penetration Testing,Affirmative Action,Color,It,Remote Access,Cissp,Access Control,Cloud,Iso,Architecture,Timelines,International Travel,Firewalls,Testing Tools,Consideration,Security AuditsNoNo
Add to Wishlist Apply All Jobs
Required Visa Status:
CitizenGC
US CitizenStudent Visa
H1BCPT
OPTH4 Spouse of H1B
GC Green Card
Employment Type:
Full TimePart Time
PermanentIndependent - 1099
Contract – W2C2H Independent
C2H W2Contract – Corp 2 Corp
Contract to Hire – Corp 2 Corp

Description:

Johnson & Johnson is recruiting for an Operational Technology (OT) Cybersecurity Manager, located in Warsaw, Poland.
As a part of the Information Security Risk Management (ISRM) organization, the cybersecurity manager will advance the security program which covers Johnson and Johnson’s supply chain and research and development environments to protect our patients and critical operations. The lead will ensure strong controls are in place at our sites for applications, infrastructure, industrial IoT, automation equipment, site security and third-party vendor risk.

The cybersecurity manager will play a meaningful role to:

  • Develop the OT security framework to ensure controls are implemented across our sites.
  • Build training material for security team members and support partners to strengthen risk and vulnerability management, cybersecurity controls and governance.
  • Implement security capabilities needed, partner with business partners to deploy and assist with adoption.
  • Drive the advancement of the cyber security strategy for the J&J (Johnson & Johnson) global R&D and supply chain.
  • Incorporate insights on emerging threats, technologies, and capabilities from the industry landscape into the OT cybersecurity program

Key Responsibilities include:
Working with the broader security team to design and deploy risk sensing, automation, and analytics solutions for critical security controls to advance vulnerability management and improve the risk posture of the OT environment.
Providing requirements to the engineering teams to advance threat monitoring and detection.
Strengthening the governance framework, including technical standards, training materials, and implementation guidelines to provide visibility of risk posture and improvements.
Continuously improve the OT cyber security framework by enhancing the coverage and integration security tools and design patterns (e.g., ICE (Isolated Computing Environment) firewall deployments, IDR, AV, SIEM, deception technology).
Actively monitor new threats and vulnerabilities, engaging IT (Information Technology) and Engineering teams on appropriate actions to address them.

QUALIFICATIONS

Qualifications

Education:

  • BA/BS or comparable security experience, certifications, or military security experience.

Required Experience and Skills:

  • Consistent record in IT and/or Engineering with a security focus is required with 8 or more years of experience.
  • Demonstrated ability with Operational Technology environments, security technologies and controls (e.g., remote access, access control, firewalls, IDP/IDR, anti-malware, patch management, encryption technologies, forensics etc.) is required.
  • Knowledge of the security landscape including trends in process, tooling and threats is required. Understanding of cloud, virtualized environments and emerging digital capabilities is required.
  • Results orientation with ability to handle timelines required.

Preferred Experience and Skills:

  • Experience performing security audits and assessments based on technical security frameworks such as NIST (National Institute of Standards and Technology) 800-53/800-82, ISO 27001, IEC (International Electrotechnical Commission) 62443, etc..
  • Experience analyzing IT and Operational Technology architecture to identify security gaps and designing solutions.
  • Understanding penetration testing and penetration testing tools.
  • Experience working within an incident response team.
  • Strong interpersonal and creative problem-solving skills, with a focus on (internal and external) customers are desirable.
  • Self-starter, eager to learn and develop new skills, while demonstrating the ability to work independently .

Other:

  • 10% domestic and international travel
  • CISSP, CISM, etc. preferred

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.

Responsibilities:

  • Develop the OT security framework to ensure controls are implemented across our sites.
  • Build training material for security team members and support partners to strengthen risk and vulnerability management, cybersecurity controls and governance.
  • Implement security capabilities needed, partner with business partners to deploy and assist with adoption.
  • Drive the advancement of the cyber security strategy for the J&J (Johnson & Johnson) global R&D and supply chain.
  • Incorporate insights on emerging threats, technologies, and capabilities from the industry landscape into the OT cybersecurity progra


REQUIREMENT SUMMARY

Min:N/AMax:5.0 year(s)

Information Technology/IT

IT Software - Network Administration / Security

IT

Graduate

Proficient

1

Warszawa, mazowieckie, Poland