Principal Architect, Security Architecture - Security Services (1 of 2)

Description

Johnson & Johnson is currently seeking a Principal Architect, Security Architecture - Security Services to join our ISRM team located in Raritan, NJ.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at

For more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day. Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world. Our diverse workforce and culture of belonging accelerate innovation to solve the world's most pressing healthcare challenges.

We know that the success of our business - and our ability to deliver meaningful solutions - depends on how well we understand and meet the diverse needs of the communities we serve. Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued and our people can reach their potential.

At Johnson & Johnson, we all belong.

This role actively tracks and manages security innovation engagements across the Security Architecture and Innovation (SAI) team. They collaborate with various internal stakeholders, such as sector architects and business facing ISRM teams, to gather input and insights on current technology solution products and capabilities. With this knowledge, they provide extensive guidance and consulting direction to promote the adoption of innovative security solutions.

Role:

The Principal Architect, Security Architecture - Security Services participates actively and directly partners within ISRM BIS and security service teams and will be primarily responsible for development and maintenance of the enterprise (cross-technology) security technology architecture and near-term roadmap pertinent to significant business facing initiatives and core programs as well as providing key consulting expertise. Identifies future acceleration opportunities. They are constantly monitoring and evaluating emerging security technologies and trends, staying up to date with the latest advancements in the field. With this knowledge, they can identify potential opportunities for future improvement and contribute to the long-term strategic planning of security technology within the sector initiatives.

Principal Architect, Security Architecture - Security Services will be accountable for gathering input from key stakeholders including sector architects and business facing ISRM teams and provide extensive insights and actionable consulting direction through knowledge of current technology solution products and capabilities roadmap as well as in-depth knowledge of key solution roadmaps and schedule across other technology areas to build a living roadmap updated quarterly that prioritizes remediation of risk gaps.

The person will:

• Provide expert input and consulting expertise to key strategic sector initiatives/ programs understanding current security technology and product sets and future acceleration opportunities to meet needs,
• Partner to maintain and publish a holistic and integrated enterprise security technology architecture,
• Partner to support the detailed short term and near-term technical & functional roadmaps across all products and technologies in use across the security technology teams,
• Maintains industry connection across peer groups and research teams to continuously understand new and emerging security technologies and solutions that maybe disruptive and significant velocity enablers for addressing and mitigating the threat / risk landscape at JNJ,
• Partners with Service lifecycle team to ensure customer facing technology solutions have an integrated service definition, service blueprint and operating model.

Principal Architect, Security Architecture - Security Services will be assigned to key BIS teams and a combination of ISRM service teams as a key SME and expert architect providing in-depth technical guidance and direction for strategic programs and use of new or emerging technology solutions. In addition, may be responsible for tracking and management of security innovation engagements across the overall Security Architecture and Innovation (SAI) team. This will be prioritized based on the overall load and expectations of the role.

Qualifications

o Minimum of 12 years of experience in information security technologies with a minimum of 5+ years of related Information Security Risk

o Management SME experience or a combination of 15+ years of combined experience In-depth Knowledge of Security Frameworks and Standards

o A strong understanding of various security frameworks and standards, such as ISO 27001, NIST Cybersecurity Framework, CIS Controls, and SOC2.

o Familiarity with industry-specific security standards, regulations, and requirements, (e.g., PCI DSS, HIPAA, GDPR, GxP etc.).

• Proficiency in Security Architecture and Design:

o Knowledge and experience in designing and implementing secure architectures for complex systems, networks, and applications.

• In-depth and practical Knowledge across key Security Technologies

o Comprehensive knowledge of a wide range of security technologies, tools, and solutions, including firewalls, intrusion detection/prevention systems, encryption, identity, and access management (IAM), vulnerability management, endpoint protection and cloud security technologies, including Secure Access Service Edge (SASE), Cloud Access Security Brokers (CASB), and Cloud Security

o Posture Management (CSPM).

• Experience in ensuring compliance with security standards, regulations, and industry best practices.
• Experience in managing and responding to security audits, assessments, and regulatory inquiries.
• Excellent written and verbal communication skills, with the ability to convey complex technical concepts to both technical and non-technical stakeholders.
• Strong collaboration and influencing skills, with the ability to work effectively with cross-functional teams and senior leadership.
• A strong commitment to staying updated with the latest industry trends, security research, emerging threats, and evolving standards.
• Strong analytical and problem-solving skills, with the ability to identify potential security risks or weaknesses and develop effective strategies for mitigation.
• Attention to detail and the ability to think critically to assess complex security challenges.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
• Effectively works with virtual, global teams - including diverse groups of people with varied backgrounds and cultural experiences.

Preferred:

• MS and/or advanced degree preferred.
• Certifications in related areas (e.g. SANS GPEN/GWAPT/GXPN, OSCP, CEH) are a plus
• AWS Certifications - AWS Solutions Architect (Associate), AWS Security Specialty are a plus
• Core understanding of IP Networking, routing, VPNs.
• Some visualization tool knowledge (i.e., Tableau, Power BI)
• GxP background an asset (desirable, but not required)

The anticipated base pay range for this position is $118000 to $203550.

Bonus: - The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation's performance over a calendar/performance year. Bonuses are awarded at the Company's discretion on an individual basis.

• Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
• Employees may be eligible to participate in the Company's consolidated retirement plan (pension) and savings plan (401(k)).
• This position is eligible to participate in the Company's long-term incentive program.
• Employees are eligible for the following time off benefits:
• Vacation - up to 120 hours per calendar year
• Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington - up to 56 hours per calendar year
• Holiday pay, including Floating Holidays - up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year
• Additional information can be found through the link below.

The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.