Connectivity & Product Security Manager - Johnson and Johnson

DePuy Synthes, a Johnson & Johnson company, is recruiting for a Connectivity and Product Security Manager. This position may be onsite at our Palm Beach Gardens, FL office or fully remote in the US!

At DePuy Synthes, our mission is to keep people moving through innovations in orthopaedic surgery, support and education for providers, and a dedication to improving diversity, inclusivity, and equality throughout the healthcare system.

With new advancements in orthopaedic devices, medical technology, and digital surgery across the continuum of care, we are proud to provide surgeons with solutions as diverse as their patients.

The Connectivity & Product Security Manager will work with a talented team of service team members to enable capital systems connectivity and telemetry of all aspects of our DePuy Synthes Service Care. Interfacing with cross-functional teams across DePuy Synthes. Seeking to understand the customer needs, requirements, and concerns around connectivity, Cybersecurity, and data telemetry. In this role, you will create/execute plans for the creation, deployment, and ongoing automation to streamline security questionnaires processes and guidelines in support of our commercial success within the U.S. as well as support plans for product expansion outside of the U.S.

What you will do:

• Leads organizational change as demonstrated by leadership, teamwork, project management, and communication skills.

• Partner with engineering teams (Software, Hardware, Marketing, etc.) to drive successful adherence to the Product Security Program.

• Collaborate, create, update, and mature Cybersecurity product processes and documentation.

• Conduct Comprehensive Security Assessments.

• Deliver documentation for pre-market development activities including security plans, architecture and data flow diagrams, threat models, requirements, SBOM, and risk documentation.

• Monitor and drive post-market vulnerability management activities, with adherence to strict timelines.

• Communicate across different levels of the organization while keeping the audience and details in mind.

• Support and scale customer security questionnaire completion process.

• Translate technical approach into business needs.

• Actively participate in customer calls, covering intricate details around Cybersecurity, data security, connectivity, and more.

• Guide teams to make decisions that balance business needs with security and data privacy objectives.

• Think across organizational boundaries and empathizes with customers, both internal and external. Required

• Bachelor's Degree required with a focus in System Engineering, Information Systems, or Computer Science preferred.

• At least 5 years of relevant business experience with 2 years in security experience (i.e., Cyber, Data) required.

• Familiarity with software development, SDLC. Hands on experience a plus but not required.

• Knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).

• Experience with security risk management techniques and tactics.

• Committed to working with a sense of urgency and embracing new challenges.

• Strong communication and interpersonal skills.

Preferred

• CISSP or other security certification.

• Experience working in a regulated environment, FDA-regulated

• Computer networking concepts and protocols, and network security methodologies.

• Risk management processes (e.g., methods for assessing and mitigating risk).

• Experience in gathering requirements from clients for specific product Cybersecurity needs.

• Capabilities and functionality associated with various technologies for organizing and managing information (e.g., databases, bookmarking engines).

• Cloud-based knowledge management technologies and concepts related to Cybersecurity, governance, procurement, and administration.

• Data classification standards and methodologies based on sensitivity and other risk factors.

• Personally Identifiable Information (PII) data security standards.

• Prior experience with medical device connectivity to hospital network for remote access a plus

10% travel domestically

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com .

The anticipated base pay range for this position is $99,000 to $170,200.

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/ performance year. Bonuses are awarded at the Company's discretion on an individual basis.

Employees may be eligible to participate in Company employee benefit programs such as health insurance, savings plan, pension plan, disability plan, vacation pay, sick time, holiday pay, and work, personal and family time off in accordance with the terms of the applicable plans. Additional information can be found through the link below.

For additional general information on company benefits, please go to: - https://www.careers.jnj.com/employee-benefits

#Remote

#JnJTech