Description

The Cyber Security Manager is primarily responsible for all ongoing activities related to the availability, integrity, and confidentiality of J&J protected information, providers, employees, and business information in compliance with the J&J’s security procedures, regulations, and laws. 

Job Responsibilities:

• Performs security management per the organization's Information Security and/or Privacy policies and procedures.
  • Performs information security risk analysis and periodic information system activity reviews for information security processes.
  • Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained. 
  • Provides security awareness to the organization by developing and implementing the education and awareness program.
  • Monitors compliance with the organization's security policies and procedures among employees, contractors, alliances and other third parties, and takes corrective action as needed. 
  • Manages information security incident response actions.
• Coordinates the development of the organization’s disaster recovery and business continuity plans for information systems and periodically tests organizational readiness.
• Serves as an internal information security consultant to the organization.
• Monitors advancements in information security technologies to ensure organizational adaptation and compliance.
• Monitors changes in legislation and accreditation standards that affect information security.
• Initiates, facilitates, and promotes activities to foster information security awareness within the organization.
• Reviews all system-related information security plans throughout the organization's network and acts as a liaison to the Board of Directors, Senior Management, & Information Technology Department.
• Cooperates with J&J’s legal entities, and organization officers in any compliance reviews or investigations.
• To document all the security policies and to promote activities and procedures to create a general awareness about the significance of security within an organization.
• To review the security plans that have been implemented on the systems throughout the entire network of the organization.
• Mentor and manage Security employees and consultants.

· To initiate, develop, and maintain information security policies and procedures and to ensure that the security strategies are being followed, to meet the organizational security goals and standards.

· Maintain the Third-Party Service Provider management system by analyzing and controlling risks presented to Johnson & Johnson, the company’s data, & operations, that might be presented by Third-Party Service Providers (TPSP)

Education and Work Experience:

· Baccalaureate degree in Information Management or a related security information technology field 

· Experience in project management and change management 

Knowledge Skills & Abilities:

· Knowledge of network infrastructure

· Knowledge of database applications

· Good presentation and communication skills

· ISACA Certified Information Security Manager Certification 

· CompTIA Security Certification 

· CompTIA Secure Infrastructure Specialist Certification 

Typical Physical Demands:

· Requires the ability to sit or stand for long periods of time, occasional stooping, and reaching; May require lifting-up to 50 pounds; requires normal range of vision and hearing with or without accommodations.

· Must have a valid driver’s license

· Opportunity for travel to remote offices for support and special projects

· Scheduled weekend and after hours’ work as needed