Senior Database Security

At Johnson & Johnson, we believe health is everything.

Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com

Job Function:
Technology Enterprise Strategy & Security

Job Sub Function:
Security & Controls

Job Category:
Scientific/Technology

All Job Posting Locations:
Warsaw, Masovian, Poland

Job Description:

We are searching for the best talent for Senior Database Security to be based in Sao Jose dos Campos, Brazil or Warsaw, Poland.
 

Purpose:

Establish and operate a dedicated L3 Support function for Database Activity Monitoring (DAM) to strengthen data security, regulatory compliance, and incident response.

This role brings hands-on expertise in IBM Guardium (or equivalent DAM), cloud and containerized environments, CI/CD, and database security operations to proactively protect, monitor, and audit critical data assets, with a focus on Guardium Data Protection (GDP) maintenance and optimization—installing patches/releases, resolving L1/L2 critical issues, supporting UAT, tuning GDP policies to reduce false positives, aiding security incident response, and updating documentation.

This will improve security posture, shorten remediation times, and ensure ongoing compliance.
 

Key responsibilities:


* Install patches and new GDP releases on servers and agents


* Fix and resolve production issues advanced by L1/L2


* Support UAT tests


* Tune GDP policies to reduce false positives


* Assist security incident response


* Update and maintain documentation
 

Qualifications:


* 7+ years in IT infrastructure and DBMS platform security risk management, vulnerability management/security configurations; relevant certifications (e.g., CISSP, GIAC, OSCP) preferred. 


* Solid experience with SQL, database security hardening, CIS Benchmarks, cloud security solutions, Identity Management integrations, and threat modeling. 


* Excellent collaborator of communication and executive reporting skills. 

Nice to have:


* Experience with regulatory frameworks (NIST CSF, 800-53, ISO 27001, PCI-DSS, HIPAA). 


* Prior experience conducting controlled exploitation simulations or red-team/blue-team exercises.


* Knowledgeable on AKS/EKS clusters, Docker containers, HELM Chart, XENA, Load balancers, TLS, and Network security. 
 

Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements.

While you are welcome to apply to any or all of the postings, we recommend focusing on the ...