Manager, Product Security Vulnerability Management

Company: Disability Solutions
Location: Raritan
Posted on: October 11, 2024

Job Description:

Johnson and Johnson is currently recruiting for a Manager, Product Security Vulnerability Management within the Johnson & Johnson Technology (JJT) organization. This role will be based in Raritan, NJ, Irvine, CA or remote US.At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated and cured, where treatments are smarter and less invasive and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for humanity. Learn more at https://www.jnj.com/.The Manager, Product Security Vulnerability Management will play a key role in implementation of the ISRM Product Security Vulnerability Management Process. This includes supporting identified key strategies and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to MedTech management, supporting communications plans and raising overall awareness of the capability. Specific responsibilities include supporting MedTech Business Units throughout the post market phase, review product vulnerabilities and recommend security design solutions, and support the coordinated vulnerability disclosure process.Key Responsibilities:

• \r
• Reporting directly to the Senior Manager, Product Security Risk Management Engineer this role supports the integration of vulnerability management and provides inputs to initiatives that bolster the cybersecurity resiliency throughout the MedTech business.
• Support the integration of ISRM vulnerability management process into Business Unit Quality Management Systems.
• Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
• Perform cyber defense trend analysis and reporting.
• Map event correlation using information gathered from a variety of sources within the enterprise to gain situational awareness and determine the effectiveness of an observed attack.
• Participate in security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy using threat modeling.
• Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).
• Collaborate with other ISRM capabilities to ensure risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever high exploit vulnerabilities occur.
• Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).
• Support the creation of plans of action and milestones or remediation plans are in place for vulnerabilities identified during risk assessments.
• Contributes with the Coordinated Vulnerability Disclosure process through the generation of vulnerability memos.
• Applies ISRM product security policies and standards when performing all duties\r\r

Keywords: Disability Solutions, Philadelphia , Manager, Product Security Vulnerability Management, Executive , Raritan, Pennsylvania