[IT] Senior Manager Business Information Security Commercial [IM]

At Johnson & Johnson, we believe health is everything.

Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com

Job Function:
Technology Enterprise Strategy & Security

Job Sub Function:
Security & Controls

Job Category:
People Leader

All Job Posting Locations:
JP007 Tokyo J&J Headquarter

Job Description:

Position Overview:

Johnson & Johnson is seeking a dedicated cybersecurity professional to join our team as the Sr.

Manager Cybersecurity, Information Security & Risk Management (ISRM), J&J Innovative Medicine (J&JIM)  Japan.

The complete candidate is a self-starter who thrives in a fast-paced environment and is eager to inspire change within an established organization.

This position is tasked with leading a small team to drive Cyber Trust and Security by Design through consulting, engagement, and assurance, support the strategy for embedding cyber security into business initiatives, improving risk posture, secure critical intellectual property, protect sensitive assets, improve site security, and enhance business resiliency. 

Key Responsibilities:


* Engagement: Build relationships and collaborate with J&J Innovative Medicine Japan IT and business partners to ensure security is integrated into all solutions and vendor relationships.


* Project Leadership: Lead and drive key projects in alignment with the ISRM security strategy to improve cyber capabilities and maturity.


* Security Assurance: Ensure controls are appropriately implemented, perform security testing (e.g., vulnerability scans), and ensure proper remediation.


* Consulting: Provide security consulting by crafting controls related to confidentiality, integrity, and availability, and assess risks against these requirements.


* Compliance: Ensure compliance with cybersecurity regulatory mandates and internal policies.


* Standardization: Drive consistency and use of common security products, practices, and standards across the organization.


* Capability Adoption: Enable ISRM capabilities for the business including awareness, business impact, exceptions handling


* Risk Posture Assurance: Provide assurance leadership on the cybersecurity risk posture of J&J IM Commercial capabilities, including design reviews, risk assessments, and consultation on remediation.


* Education and Training: Illuminate cybersecurity procedures and controls for internal partners awareness and understanding.


* Metrics Communication: Share valuable metrics with senior leadership, including visibility of security incidents, vul...