Johnson & Johnson

Product Security Manager

Johnson & Johnson, $118K — $203K *
Healthcare
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 8 years IT or cybersecurity experience
  • Bachelor’s degree or equivalent
  • Progressive leadership experience in IT or cybersecurity
  • Experience with threat modeling
  • Knowledge of data privacy laws (GDPR, CCPA)
  • Understanding of HIPAA/HITRUST & ISO 27001
  • Familiarity with penetration testing and vulnerability scanning
  • Ability to work independently and seek security improvements
  • Knowledge of hardening techniques for operating systems
  • Experience creating cybersecurity awareness campaigns
  • Ability to translate technical requirements into practical solutions
  • Strong project management and leadership skills

Responsibilities

  • Support new product development phases within JJV
  • Review security requirements and recommend design solutions
  • Complete quality documentation and various security testing
  • Monitor post-market devices for vulnerabilities and assist with remediation
  • Enforce J&J Product Security framework for medical devices
  • Communicate Product Security metrics to management
  • Coordinate formal security testing and code scanning

Benefits

  • Consolidated retirement plan and 401(k)
  • Generous annual vacation hours
  • Sick leave based on location
  • Holiday pay including floating holidays
  • Parental leave for new parents
  • Caregiver leave availability
  • Volunteer leave opportunities
  • Military spouse time-off
  • Comprehensive health benefits

Full Job Description

Job Function:

Technology Enterprise Strategy & Security

Job Sub Function:

Solution Architecture

Job Category:

Scientific/Technology

All Job Posting Locations:

Alabama (Any City), Arizona (Any City), Arkansas (Any City), California (Any City), Colorado (Any City), Connecticut (Any City), Delaware (Any City), Florida (Any City), Georgia (Any City), Idaho (Any City), Illinois (Any City), Indiana (Any City), Iowa (Any City), Irvine, California, United States of America, Kansas (Any City), Kentucky (Any City), Louisiana (Any City), Maine (Any City), Maryland (Any City), Massachusetts (Any City), Michigan (Any City), Milpitas, California, United States of America, Minnesota (Any City), Mississippi (Any City) {+ 25 more}

Job Description:

We are seeking the best talent for a Product Security Manager to join our MedTech Product Security team. The role is based in Milpitas or Irvine, CA. Remote work options may be considered on a case-by-case basis and if approved by the Company. This may require up to 10% travel.

The Product Security Manager will be responsible for implementation of J&J’s enterprise Product Security strategy and framework throughout Johnson & Johnson Vision (JJV) medical device portfolio. This includes identifying key strategy and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to management, identifying communications plans and raising overall awareness of the capability.

Specific responsibilities include:

  • Supporting JJV throughout a new product’s development phases
  • Review product security requirements and recommend security design solutions
  • Help complete Quality documentation, threat modelling, penetration testing, software architecture review and design recommendations, code analysis and other security testing or work as needed.
  • Post market responsibilities for JJV marketed devices include monitoring for new vulnerabilities, assisting with patching and remediation plans, as well as responding to all customer security questionnaires and reviewing security language within contractual agreements.
  • Drive adherence to J&J Product Security’s overarching framework:
      • Champion Product Security strategy and objectives within JJV
      • Partner with internal organizations to enhance existing processes and policies
      • Create and present Product Security metrics to management
  • Responsible and accountable for implementing and enforcing the Product Security governance model for JJV pre- and post-market medical devices.
  • Perform automated code scanning and coordinate formal security testing.
  • Respond to customer cybersecurity questionnaires and contractual language for all post-market medical devices.
  • Other MedTech cybersecurity related duties as needed

Qualifications

Required:

  • 8 years IT or cybersecurity experience
  • Bachelor’s degree or equivalent
  • A minimum of 8 years of progressive experience in leadership roles within information technology or cybersecurity functions
  • Threat modeling experience
  • Data privacy experience, including GDPR and CCPA
  • Understanding of HIPAA/HITRUST & ISO 27001
  • Understanding of penetration testing, vulnerability scanning, CVSS and/or other general security testing principles
  • Ability to work autonomously and proactively seek out security opportunities within JJV
  • Knowledge of hardening techniques for traditional and real-time operating systems (e.g. QNX, Windows Embedded)
  • Ability to create and deliver cybersecurity awareness campaigns and other communications
  • Ability to translate technical security requirements into solutions
  • Ability to provide secure coding recommendations
  • Ability to lead large projects and proven ability to track to project plan timelines from a security perspective
  • Ability to write technical security requirements for embedded systems and web platforms
  • Creative problem-solving skills
  • Customer focus (internal & external)
  • Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross sector, cross-functionally and globally
  • Strong leadership skills

Preferred:

  • Experience leading or participating in formal security audits (e.g. HITRUST, SOC2, FedRAMP)
  • Familiarity with FDA and/or other global regulatory cybersecurity guidance requirements and submission process
  • Experience with web applications and server hardening (e.g. AWS, Azure) including knowledge of OWASP Top 10 and blue teaming techniques
  • Experience in cybersecurity pre-sales
  • Software development experience
  • CISSP or other security certification
  • MS and/or advanced degree

The anticipated base pay range for this position is:

$118,000.00 - $203,550.00

Additional Description for Pay Transparency:

The above salary range is for the Milpitas, CA (SF Bay Area) location. The salary range for all other locations is: $102,000 - $177,100.

Subject to the terms of their respective plans, employees are eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).

Subject to the terms of their respective policies and date of hire, employees are eligible for the following time off benefits:

  • Vacation: 120 hours per calendar year
  • Sick time: 40 hours per calendar year; for employees who reside in the State of Colorado, 48 hours per calendar year; for employees who reside in the State of Washington, 56 hours per calendar year
  • Holiday pay, including Floating Holidays: 13 days per calendar year
  • Work, Personal and Family Time: up to 40 hours per calendar year
  • Parental Leave: 120 hours within one year of the birth/adoption/foster care of a child
  • Bereavement Leave: 60 hours for an immediate family member; 40 hours for an extended family member per calendar year
  • Caregiver Leave: 40 hours in a 52-week rolling period; 10 days
  • Volunteer Leave: 2 hours per calendar year
  • Military Spouse Time-Off: 40 hours per calendar year

For additional general information on Company benefits, please go to: https://www.careers.jnj.com/employee-benefits

Johnson & Johnson Careers

Joining Johnson & Johnson provides an unparalleled opportunity to be a part of a global team of professionals dedicated to blending care, science, and innovation to profoundly change the trajectory of health for humanity.

Work You’ll Do

At Johnson & Johnson, you will engage in work that matters. Join our community of professionals in health care to drive significant and impactful changes across the globe. Our team at Johnson & Johnson leads with science and heart in sectors from pharmaceuticals to medical devices and consumer health products.

Transform Health Care

Leverage Johnson & Johnson’s culture of innovation to transform health care and improve the lives of people around the world. Our collaborative environment encourages leadership and growth, allowing you to pioneer new strategies for health care solutions with a diverse team of experts.

Innovative Work

Engage in groundbreaking work that enhances how care is delivered on a global scale. Johnson & Johnson’s commitment to innovative health solutions results in dynamic career paths filled with opportunities for professional growth and development.

Be Part of a Great Team

Our team at Johnson & Johnson thrives on collaboration and diversity. You will work alongside over 130,000 employees globally who are committed to making a lasting impact. With a culture that values diversity training and leadership, you are supported in both personal and professional growth.

Future-Proof Your Career

Johnson & Johnson offers a myriad of job opportunities and employment benefits designed to help you meet your career and personal goals. Our employees enjoy comprehensive benefits, including health insurance, retirement plans, and family-friendly policies that pave the way for a fulfilling career and life balance.

Explore Job Opportunities and Internships

Whether you’re looking to start your career or take it to the next level, Johnson & Johnson offers positions ranging from internships to leadership roles across various sectors. Enhance your skills through hands-on experience and our extensive networking and mentorship programs.

Johnson & Johnson Leadership and Development

Our commitment to leadership and continuous learning is at the core of our employment philosophy. Every position offers chances to lead, learn, and innovate. We provide extensive training programs and development courses that prepare you for the future of health care.

Stay Connected

Join Our Team

Search open positions that match your skills and interests. We are constantly hiring and looking for curious, driven, and compassionate team players.

Keep Up to Date

Stay informed with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the people who work here.

Job Alert Emails

Customize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences. Discover the exciting and rewarding career opportunities that await at Johnson & Johnson. Join Johnson & Johnson today to be a part of a team that values innovation, leadership, and diversity, and see how far your ambition can take you.

Learn more about Johnson & Johnson

  • Size: 141,700 employees
  • Market Cap: $462.7 billion
  • Industry
  • Net Income: $14.7 billion
  • Founded: 1886
  • 5 Year Trend: +5.5%
  • Revenue: $82.5 billion
  • NASDAQ
