
Manager, Level 2 Threat Response Analyst

Johnson & Johnson is recruiting for a Manager, Level 2 Threat Response Analyst within the Cyber Security Operations Center (CSOC) supporting the Information Security and Risk Management (ISRM) group located in Raritan, NJ or can work remotely in the USA.

At Johnson & Johnson, we believe health is everything.

Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal.

Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity.

Learn more at https://www.jnj.com/.

With $82.1 billion in 2020 sales, our company is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets.

Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.

If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen.

Position Summary

Are you driven by a sense of purpose? We are focused, driven, and dedicated to providing world-class Security incident handling services.

On the Cyber Security Operations Center level 1 (CSOC L1)/ level 2 (CSOC L2) team, we continually supervise possible malicious activity on endpoints, servers, networks, applications, databases, websites and other IT systems, looking for malicious activity that could be the indication of a security incident.

We analyze security alerts, assess threat impact and coordinate containment, mitigation and eradication strategies by investing in our people.

Responsibilities include but are not limited to:


* Responsible for advanced ticket analysis, foundational remediations, and identifying and implementing continuous improvement initiatives


* Performs secondary investigation of escalations from L1 Analysts providing additional context


* Utilizing SIEM tools and other security technologies, including monitoring of network traffic, log analysis, and identifying and triaging potential security incidents


* Actively remediates complex malware infections, persistence mechanisms, and compromised accounts via file quarantine, registry and startup file modifications, and forced password/session revocation within AD


* Thorough understanding of Cloud and Operational Technology (OT) environments and infrastructure and uses the tools and methods defined in the standard operation procedure (SOP) to validate indicators of compromise and contain/remediate the threat.


* Identifies potential gaps in security controls, proposes active mitigations, and implements blocks based on file hash, malici...



