Johnson & Johnson Careers

[IT]Manager, Information Security & Risk Management, Commercial, Corporate, and R&D - Aspac

Chiyoda, Japan
Compliance Security


Job Description

Requisition ID: 1905718306W

Position Summary

The Manager, Security & Risk Management will have responsibilities for all aspects of identifying and managing risk for their assigned companies.  He/she will:

·       Serve as the focal point for all information asset protection matters in the Johnson & Johnson Operating Company, Sector organization for which he or she is responsible. 

·        Promote information security within the Operating Company or Sector, including ensuring processes, procedures, and other activities are defined and implemented to meet the requirements of the Information Asset Protection Policies (IAPPs).

·        Have direct interaction with sector personnel, IT, and business leaders.

·        Provide expertise in Information Security & Risk Management to ensure that technology solutions meet all requirements and standards.

          ·        Consult with project teams to determine applicability of various regulations.

Major Duties & Responsibilities

20%

Act as a liaison to business owners to coordinate and manage security and risk management activities as required.  Proactively drive risk-based business strategies anticipating business needs.  Participate in business planning to ensure Information security and risk management capabilities are planned for. 

20%

Promote information security within the Operating Company or Sector, including ensuring processes, procedures, and other activities are defined and implemented to meet the requirements of the Information Asset Protection Policies (IAPPs)

15%

Lead the efforts to apply risk management processes in the business projects to identify and track risks, recommend solutions, validate remediation plans and facilitate implementation.

30%

Responsible for driving ISRM activities and projects across the Sector/operating company, including all information security and risk management activities associated with external regulations and internal Johnson & Johnson policies and procedures such as Sarbanes Oxley, IAPP, PCI, HIPAA.  Ensure that J&J information assets are appropriately identified and valued and are protected by complying with and enforcing all local and worldwide security policies.

15%

Facilitate education and training to the organization on Information Security & Risk Management procedures and controls.

-

Perform other work-related duties as assigned.



Key Working Relationships

Internal

Managing business partner relationships with Senior IT and Business Leaders and key stakeholders Accountability for Information Security & Risk Management business facing teams working in the field close to the business partners for cyber security and business risk officer activities.

External

Managing business partner relationship with key external stakeholders.


Qualifications

Basic Qualifications

Required Years of Related Experience:
7+ years of ISRM experience Other Business unit IT/ISRM experience

Required Knowledge, Skills and Abilities:

·        Bachelor’s degree or equivalent.
·        Hands-on IT Infrastructure Security experience
·        A minimum of 7 years of progressive experience in leadership roles within Cyber Security/Risk Management required.
·        Experience working with operating company/sector required.
·        Experience managing internal, external IT audits and PCI requirements
·        Big Picture/Attention to Detail – align strategic and tactical
·        Results Orientation/Sense of Urgency – ability to drive to tight timelines required.
·        Excellent interpersonal skills required.
·        Creative problem solving skills required.
·        Change leadership expertise required.
·        Customer focus (internal & external) required.
·        Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross sector, cross-functionally and globally required.
·        Proven ability to influence/collaborate to get to desired result required. 
Strong leadership skills required


Preferred Qualifications

Preferred Area of Study:  Information Technology/Information Security

Preferred Related Industry Experience (if applicable):  Information Security, Risk management, Risk Assurance

Preferred Knowledge, Skills and Abilities

·        MS and/or advanced degree preferred.

·        Information Security &Risk Management certifications preferred.

·        Knowledge of key business processes preferred.

  CISSP certification preferred but not mandatory


Primary Location
Japan-Tokyo-To-Chiyoda-
Organization
Johnson & Johnson K.K. (8235)
Job Function
Compliance Security
Requisition ID
1905718306W