Johnson & Johnson
Manager – Cybersecurity Investigations
Johnson & Johnson is recruiting for an Insider Risk Investigation Manager. This position will be based at our Raritan, NJ office.
The role contributes to a dynamic growing team and plays a key role in the success of the Insider Risk program within Information Security & Risk Management (ISRM).
Key Responsibilities
Partner with expert teams such as HR, Audit, Legal, Physical Security, Cyberforensic teams, and J&J leadership to conduct investigation activities that support enterprise data protection and insider risk initiatives.
Facilitate data value and business impact assessments of exfiltrated data to determine appropriate investigation actions.
Interview subjects involved in data risk cases to establish activity root cause and intent, assess credibility, detect inconsistencies, and explore motives to determine appropriate action and remediation steps.
Responsible for collection, analysis, and interpretation of relevant data activity, digital forensics, or other reports required for complete and thorough investigations.
Produce timely case notes and statuses, metrics, and final case reports for assigned case load.
Manage work consistently and accurately within team Case Management System.
Contribute to accurate and comprehensive playbook and SOP documentation required for repeatable and defensible processes.
Specify technical remediation requirements and provide specific guidance to investigation subjects.
Recommend corrective actions required by subject or manager/team.
Collaborate with Investigation Team on time sensitive, high priority cases.
Escalate high risk events to leadership and stakeholders.
Perform case debriefs to audiences with a mixed level of technical expertise including legal counsel and law enforcement.
Qualifications Education:
BA/BS degree is required.
Required Experience and Skills:
5+ years of proven experience in Insider Risk, Cybersecurity, or Technical Investigations.
Demonstrated understanding of data security and data egress concepts and methods.
Experience and proven ability to investigate and interview subjects as it relates to data exfiltration from a large organization.
Minimum of 3 years of experience interviewing investigation subjects.
Solid understanding and experience with Data Loss Prevention (DLP) systems and related security tools that supply Insider Risk alerts.
Ability to directly manage or work with 3rd party firms and subjects to sanitize, recover, or securely remove data in a variety of systems, applications, and device types.
Experience anticipating cyber forensic investigation needs, interpreting and analyzing cyber forensic reports from end user devices and network systems.
Excellent listening skills and ability to detect and question implausible explanations and effectively challenge subjects with dubious intent.
Ability to work independently and effectively in a dynamic corporate environment.
Ability to adapt to frequent reprioritization of tasks based on risk factors.
Familiarity and support of 18 U.S.C. 1831 & 1832.
Consistently operate with confidentiality and communicate case information with careful discretion.
Preferred Experience and Skills:
Experience and understanding of protecting trade secrets and intellectual property, data security, and data exfiltration methods.
Experience in Insider Risk and investigations programs within highly complex and/or global environments.
Background and experience in law enforcement, corporate security, or intelligence with requisite skills & experience in corporate investigations, debriefing, and case management processes and techniques.
Understanding of Privacy legislation and requirements differences globally.
Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, please contact us via https://www.jnj.com/contact-us/careers or contact AskGS to be directed to your accommodation resource.
#J-18808-Ljbffr
The role contributes to a dynamic growing team and plays a key role in the success of the Insider Risk program within Information Security & Risk Management (ISRM).
Key Responsibilities
Partner with expert teams such as HR, Audit, Legal, Physical Security, Cyberforensic teams, and J&J leadership to conduct investigation activities that support enterprise data protection and insider risk initiatives.
Facilitate data value and business impact assessments of exfiltrated data to determine appropriate investigation actions.
Interview subjects involved in data risk cases to establish activity root cause and intent, assess credibility, detect inconsistencies, and explore motives to determine appropriate action and remediation steps.
Responsible for collection, analysis, and interpretation of relevant data activity, digital forensics, or other reports required for complete and thorough investigations.
Produce timely case notes and statuses, metrics, and final case reports for assigned case load.
Manage work consistently and accurately within team Case Management System.
Contribute to accurate and comprehensive playbook and SOP documentation required for repeatable and defensible processes.
Specify technical remediation requirements and provide specific guidance to investigation subjects.
Recommend corrective actions required by subject or manager/team.
Collaborate with Investigation Team on time sensitive, high priority cases.
Escalate high risk events to leadership and stakeholders.
Perform case debriefs to audiences with a mixed level of technical expertise including legal counsel and law enforcement.
Qualifications Education:
BA/BS degree is required.
Required Experience and Skills:
5+ years of proven experience in Insider Risk, Cybersecurity, or Technical Investigations.
Demonstrated understanding of data security and data egress concepts and methods.
Experience and proven ability to investigate and interview subjects as it relates to data exfiltration from a large organization.
Minimum of 3 years of experience interviewing investigation subjects.
Solid understanding and experience with Data Loss Prevention (DLP) systems and related security tools that supply Insider Risk alerts.
Ability to directly manage or work with 3rd party firms and subjects to sanitize, recover, or securely remove data in a variety of systems, applications, and device types.
Experience anticipating cyber forensic investigation needs, interpreting and analyzing cyber forensic reports from end user devices and network systems.
Excellent listening skills and ability to detect and question implausible explanations and effectively challenge subjects with dubious intent.
Ability to work independently and effectively in a dynamic corporate environment.
Ability to adapt to frequent reprioritization of tasks based on risk factors.
Familiarity and support of 18 U.S.C. 1831 & 1832.
Consistently operate with confidentiality and communicate case information with careful discretion.
Preferred Experience and Skills:
Experience and understanding of protecting trade secrets and intellectual property, data security, and data exfiltration methods.
Experience in Insider Risk and investigations programs within highly complex and/or global environments.
Background and experience in law enforcement, corporate security, or intelligence with requisite skills & experience in corporate investigations, debriefing, and case management processes and techniques.
Understanding of Privacy legislation and requirements differences globally.
Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you are an individual with a disability and would like to request an accommodation, please contact us via https://www.jnj.com/contact-us/careers or contact AskGS to be directed to your accommodation resource.
#J-18808-Ljbffr