Johnson & Johnson
Senior Cloud Security Engineer
Johnson & Johnson, New Orleans, Louisiana, United States, 70123
Overview
Join to apply for the
Senior Cloud Security Engineer
role at
Johnson & Johnson . At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for humanity. Job Function: Technology Enterprise Strategy & Security Job Sub Function: Solution Architecture Job Category: Scientific/Technology All Job Posting Locations: Albuquerque, NM; Atlanta, GA; Austin, TX; Baltimore, MD; Billings, MT; Birmingham, AL; Boise, ID; Burlington, VT; Charleston, WV; Charlotte, NC; Chicago, IL; Columbia, MD; Columbus, OH; Concord, NH; Danvers, MA; Denver, CO; Des Moines, IA; Detroit, MI; Irvine, CA; and other locations. (Locations are listed for reference and may be subject to change.) Job Description
We are seeking the best talent for a Senior Cloud Security Engineer to join our MedTech Product Security team. The role can be based in Raritan, NJ or Danvers, MA. Remote work options may be considered on a case-by-case basis and if approved by the Company. Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First culture? If that’s you, we have an immediate opportunity for a Senior Cloud Security Engineer to join the newly formed Product Security team to help ensure security is implemented by design for this top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards. You will own the Product Security process that includes both pre-market and post-market processes engineering teams leverage throughout the product development lifecycle. If you are eager to leverage your security risk and compliance skills to make a difference and directly impact patient lives, this could be perfect for you. Primary Duties And Responsibilities
Being at the office in Danvers MA for a minimum of 3 days per week (for candidates within commutable distance to site). Partner with engineering teams (cloud, console) to drive successful adherence to Abiomed’s product security policies, processes, program objectives. Create, update, and improve product security processes. Act as an SME on cyber security matters and provide guidance to development teams. Advocate for proactive inclusion of cyber security input into all phases of the product life cycle, process improvements, strategic product road map planning. Deliver documentation for pre-market product development activities including security plans, threat models, security requirements, SBOM, and risk management documentation. Drive and monitor post-market vulnerability management activities, with adherence to strict timelines. Perform security risk assessment on Cloud infrastructure and applications. Collaborate with the development team to integrate security measures into the CI/CD pipeline and the DevSecOps processes. Continuous improvement of Defender Score. Support compliance certification activities, such as SOC2, FedRAMP, ISO 27001, etc. Identify, research, evaluate, and integrate new compliance requirements, industry standards, and best practices into the product security programs. Maintain relationships with Abiomed’s Information Sharing and Analysis Organizations. Guide teams to make decisions that balance business needs with medical device security objectives. Work across organizational boundaries and exhibit empathy with customers, both internal and external. Perform other related duties and responsibilities, as assigned. Qualifications
Required:
Bachelor’s degree 5+ years industry experience in Information Security. Experience working in a Cloud Scrum/Agile Azure DevOps environment. Familiarity with tools such as Snyk, Veracode, Wiz, JIRA, Confluence. Experience with Containerization technologies such as Docker and Kubernetes. Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR). Experience with security risk management techniques. Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and meet deadlines. Committed to working with a sense of urgency and embracing new challenges. Strong communication and interpersonal skills. Preferred:
Experience working in an FDA-regulated environment. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an inclusive interview process. If you are an individual with a disability and would like to request an accommodation, please email ra-employeehealthsup@its.jnj.com. #JNJTECH Compensation
The anticipated base pay range for this position is: $100,000 - $172,500. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus. Details on benefits and eligible programs are provided in company materials and linked resources. Information about benefits varies by location. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with local market practices. Seniority level: Not Applicable Employment type: Full-time Job function: Information Technology Industries: Hospitals and Health Care
#J-18808-Ljbffr
Join to apply for the
Senior Cloud Security Engineer
role at
Johnson & Johnson . At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for humanity. Job Function: Technology Enterprise Strategy & Security Job Sub Function: Solution Architecture Job Category: Scientific/Technology All Job Posting Locations: Albuquerque, NM; Atlanta, GA; Austin, TX; Baltimore, MD; Billings, MT; Birmingham, AL; Boise, ID; Burlington, VT; Charleston, WV; Charlotte, NC; Chicago, IL; Columbia, MD; Columbus, OH; Concord, NH; Danvers, MA; Denver, CO; Des Moines, IA; Detroit, MI; Irvine, CA; and other locations. (Locations are listed for reference and may be subject to change.) Job Description
We are seeking the best talent for a Senior Cloud Security Engineer to join our MedTech Product Security team. The role can be based in Raritan, NJ or Danvers, MA. Remote work options may be considered on a case-by-case basis and if approved by the Company. Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First culture? If that’s you, we have an immediate opportunity for a Senior Cloud Security Engineer to join the newly formed Product Security team to help ensure security is implemented by design for this top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards. You will own the Product Security process that includes both pre-market and post-market processes engineering teams leverage throughout the product development lifecycle. If you are eager to leverage your security risk and compliance skills to make a difference and directly impact patient lives, this could be perfect for you. Primary Duties And Responsibilities
Being at the office in Danvers MA for a minimum of 3 days per week (for candidates within commutable distance to site). Partner with engineering teams (cloud, console) to drive successful adherence to Abiomed’s product security policies, processes, program objectives. Create, update, and improve product security processes. Act as an SME on cyber security matters and provide guidance to development teams. Advocate for proactive inclusion of cyber security input into all phases of the product life cycle, process improvements, strategic product road map planning. Deliver documentation for pre-market product development activities including security plans, threat models, security requirements, SBOM, and risk management documentation. Drive and monitor post-market vulnerability management activities, with adherence to strict timelines. Perform security risk assessment on Cloud infrastructure and applications. Collaborate with the development team to integrate security measures into the CI/CD pipeline and the DevSecOps processes. Continuous improvement of Defender Score. Support compliance certification activities, such as SOC2, FedRAMP, ISO 27001, etc. Identify, research, evaluate, and integrate new compliance requirements, industry standards, and best practices into the product security programs. Maintain relationships with Abiomed’s Information Sharing and Analysis Organizations. Guide teams to make decisions that balance business needs with medical device security objectives. Work across organizational boundaries and exhibit empathy with customers, both internal and external. Perform other related duties and responsibilities, as assigned. Qualifications
Required:
Bachelor’s degree 5+ years industry experience in Information Security. Experience working in a Cloud Scrum/Agile Azure DevOps environment. Familiarity with tools such as Snyk, Veracode, Wiz, JIRA, Confluence. Experience with Containerization technologies such as Docker and Kubernetes. Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR). Experience with security risk management techniques. Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and meet deadlines. Committed to working with a sense of urgency and embracing new challenges. Strong communication and interpersonal skills. Preferred:
Experience working in an FDA-regulated environment. Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson & Johnson is committed to providing an inclusive interview process. If you are an individual with a disability and would like to request an accommodation, please email ra-employeehealthsup@its.jnj.com. #JNJTECH Compensation
The anticipated base pay range for this position is: $100,000 - $172,500. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus. Details on benefits and eligible programs are provided in company materials and linked resources. Information about benefits varies by location. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with local market practices. Seniority level: Not Applicable Employment type: Full-time Job function: Information Technology Industries: Hospitals and Health Care
#J-18808-Ljbffr