Johnson & Johnson Careers

Product Security Analyst

Fort Washington, Pennsylvania
Information Security


Job Description

Requisition ID: 1624180606

The Product Security team within Johnson & Johnson’s Information Security & Risk Management (ISRM) is recruiting for a Product Security Analyst to support the design and development, testing and post market management of Products of the Johnson & Johnson Family of Companies globally. In this position, you will have the option to sit at any J&J site within NJ or PA with a preferred location of Fort Washington, PA.
 
Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products and services to advance the health and well-being of people. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.
 
The analyst will join the Johnson & Johnson Product Security team, whose overall mission is to ensure all products of the Johnson & Johnson Family of Companies are built on Cybersecurity best practices and Cybersecurity Risks in marketed products are properly managed to support our customer’s safety and security.
 
The main responsibility of this role is to help ensure software, hardware, and related components in products of the J&J Family of Companies are protected from cyber-attacks. In this role, you will be a part of a growing team, and will be integral in the future of crafting the product security practices for Johnson & Johnson. Your responsibilities will include supporting the development of secure products, analyzing products for vulnerabilities, and supporting the handling of cyber-attacks in an efficient and effective manner. This is essential for patient safety and confidence in Johnson & Johnson products.
 
Tasks/Duties/Responsibilities:
  • Engages in Credo-based decision-making
  • Provide product security SME support for new products in development
  • Architect effective security strategies for Healthcare Technology solutions
  • Replicate the actual techniques and tools used by malicious attackers to model potential threats
  • Analyze test results, draw conclusions from results, and develop targeted exploit examples
  • Prepare test plans and test result reports
  • Collect and report key metrics for identified vulnerabilities in products
  • Identify and Investigate emerging trends in technologies and product security
  • Coordinate with existing tools team and maintain security testing tools environment
  • Research, evaluate, recommend, and configure new testing tools used for product security testing and validation activities

Qualifications
  • A minimum of a Bachelor’s degree is required; preferably in computer science, risk management, security, or a related major
  • A minimum of 1 year of relevant experience is required
  • Highly effective internal and external communicator with exceptional oral, written and presentation skills is required
  • Willingness and the ability to learn in a dynamic environment is required
  • A real passion for, and knowledge of, leading and new technologies is required
  • An understanding of application security mechanisms, such as authentication and authorization techniques, data validation, and the proper use of encryption is required
  • An understanding of, and the ability to recognize, various types of application, infrastructure, and protocol security vulnerabilities is required
  • Knowledge of OWASP Top 10, CVSS, and CVE is required
  • Proven analytical and problem-solving skills, as well as the desire to assist others in solving issues is required
  • Highly motivated with the willingness to take ownership / responsibility for their work as well as the ability to work alone or as part of a team is required
  • This position will sit in either NJ or PA (preferably Fort Washington, PA) and will require up to 20% travel
Thriving on a diverse company culture, celebrating the uniqueness of our employees and committed to inclusion, we are proud to be an equal opportunity employer.

Primary Location
United States-Pennsylvania-Fort Washington
Other Locations
North America-United States-Pennsylvania, North America-United States-New Jersey
Organization
Johnson & Johnson Services Inc. (6090)
Job Function
Information Security
Requisition ID
1624180606