Cybersecurity Vulnerability Analyst
ARCHIVED
We can't find an active application page for this role right now. It may reopen or be listed elsewhere. Use Next Steps to search for an active apply link and similar live jobs.
Staff Product Security Engineer - Vulnerability ManagerThe Product Security team within Johnson & Johnson's Information Security & Risk Management (ISRM) is recruiting for a full-time Staff Product Security Engineer to join the ISRM Product Security-JJSV team to provide support to Johnson & Johnson Surgical Vision (JJSV) R&D. This position is located in Milpitas, CA.Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products, and services to advance the health and well-being of people.With billion in 2020 sales, Johnson & Johnson is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen.Position SummaryThe Staff Product Security Engineer will be responsible for implementation of J&J's enterprise Product Security strategy and framework throughout Johnson & Johnson Surgical Vision (JJSV) medical device portfolio. This includes identifying key strategy and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to senior management, identifying communications plans and raising overall awareness of the capability. Specific responsibilities include supporting JJSV R&D in post market responsibilities for JJSV's marketed devices include monitoring for new vulnerabilities, leading cross-functional risk assessment, assisting with patching and remediation plans, as well as responding to all customer security questionnaires and reviewing security language within contractual agreements.Major Duties & ResponsibilitiesSupport Global Product Security's frameworkHelp drive Product Security strategy and goals within JJSVPartner with internal organizations to improve existing processes and policiesCreate and present Product Security metrics to senior managementHelp carry out Product Security governance model for post market devices.Security compliance assessment and recommendation of remediation plans.Respond to customer questionnaires and contractual language.Perform other work-related duties as assigned.Qualifications• Minimum of a Bachelor's degree is required.• A minimum of 6 years of experience in cybersecurity, engineering, or QA is required• Ability to create and deliver Product Security awareness campaigns and other communications is required• Must possess understanding of vulnerability scanning, CVSS and/or other general security testing principles.