Director- Cyber Risk Assessment Services

Description:

Johnson & Johnson is recruiting for a Director- Cyber Risk Assessment Services located in Raritan, NJ or remote work in the U.S.

The Director, Cyber Risk Assessment Services, is responsible for leading a team of security and risk professionals in the conduct of a variety of cybersecurity risk and compliance assessments, including assessments of third-parties and both internal and hosted applications. They will also be responsible for defining, developing, and monitoring assessment processes, driving continuous improvement, and defining and reporting on Key Performance Indicators. Lastly, the Director will drive automation throughout the assessment processes and collaborate and partner with other ISRM leaders to ensure assessment services meet stakeholder expectations.

Key Responsibilities:

• Develops and maintains overall Risk Assessment execution strategy and approach to ensure consistent, quality cybersecurity risk assessments.
• Leads team in performance of cybersecurity risk assessments across applications, third parties, websites and other relevant entities.
• Defines and maintains formal cybersecurity risk assessment processes.
• Drives and oversees the development of requirements for automation, process enhancements, and technology enhancements to drive efficiency and accuracy.
• Develops KPIs and metrics to measure quality and effectiveness of risk assessment services.
• Collaborates with other ISRM leaders to ensure risk assessments meet customer expectations.
• Collaborates with the ISRM GRC team to drive technology enhancements and capabilities to support assessment processes.
• Provides People Leadership for the Risk Assessment team, ensuring ongoing development of team members.
• Support ISRM organizational initiatives (e.g., Talent, Learning & Development, etc.).
  
  

Qualifications:

Education:

• A bachelors degree is required, preferably in Computer Science, Engineering or Information Security/Cybersecurity.
• Masters degree preferred.
  
  

Experience and Skills:

Required:

• 10+ years of Information Security/IT Risk Management experience with growing responsibilities.
• 5+ years of experience leading cybersecurity professionals in the conduct of application and/or third-party assessments.
• Experience with developing and defining formal processes for security assessments.
• Demonstrated proficiency in information security, cybersecurity controls and industry frameworks, and both traditional and emerging cyber threats.
• Demonstrable record of effectively collaborating with virtual, global teams, including diverse groups of people with varied backgrounds and cultural experiences.
• Good communication and demonstrated influencing skills.
• Experience at a large multinational organization.
• Ability to lead a diverse staff.
  
  

Preferred:

• Certifications: Information Security & Risk Management certifications preferred.
  
  

Other:

• 10% travel.
  
  

#JNJTech

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.

The anticipated base pay range for this position is $142,000 -$244,950 USD.

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis.

• Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
• Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
• Employees are eligible for the following time off benefits:
• Vacation – up to 120 hours per calendar year
• Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington – up to 56 hours per calendar year
• Holiday pay, including Floating Holidays – up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year
• Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits
  
  

The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.