Johnson & Johnson Careers

Lead, Data Protection Security

Raritan, New Jersey
Information Security

Job Description

Requisition ID: 4603190117

Johnson & Johnson is currently recruiting for a Lead, Data Protection Security within its Information Security and Risk Management (ISRM) group. This position will be based out of Raritan, NJ.


Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 130 years. We embrace research and science -- bringing innovative ideas, products and services to advance the health and well-being of people.


With $81.6 billion in 2018 sales, Johnson & Johnson is the world's most comprehensive and broadly-based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. There are more than 250 Johnson & Johnson operating companies employing over 125,000 people and with products touching the lives of over a billion people every day, throughout the world. If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen.


Johnson & Johnson recognizes that information is a critical business asset and that our ability to manage, control and protect this asset will have a direct and significant impact on our success as a business. You will be part of the Information Security & Risk Management (ISRM) organization, focused on engineering, deploying and operating a data protection platform which utilize capabilities such as tokenization and/or format preserving encryption to assist the enterprise in meeting data protection requirements. Your main focus will be to work both with ISRM colleagues and the data platform and analytics teams to implement specific data protections that meet regulatory and J&J data protection requirements while ensuring usability to the business.

  • You will be a key member of the ISRM team responsible for deploying the data protection platform through design and hands-on administration as well as assisting with the development and execution of the operational strategy.
  • Identify and recommend platform and process changes aimed at growing and continually improving the data protection service
  • Partner with data and application owners to jointly identify appropriate end-to-end data protection technologies to protect various types of data (i.e. tokenization vs encryption vs. format preserving encryption
  • Support product/platform owners during installation and troubleshooting of data protection platform components
  • Prepare technical/SDLC documentation for product operationalization
  • Collaborate with other ISRM team members to provide guidance in remediation of security issues/ concerns identified
  • Assist in devising a “follow the sun” operational model, ensuring a resilient, secure, and functioning architecture
  • Deliver Tier-3 support for incidents related to the data protection platform with a specific focus on rapid resolution of security related breaches and other malicious activity
  • Partner with IT contacts, end users and ISRM during response activities.
  • Assist with developing and the producing metrics that demonstrate the effectiveness of controls within the Data protection environment
  • Perform other work-related duties as assigned

  • A minimum of a Bachelor’s degree is preferred; preferably in computer science, risk management, security, or a related major
  • A minimum 6 years of overall professional IT experience is required
  • A minimum of 3 years hands-on experience working with a wide range of technologies, including but not limited to Windows & Linux O/S, in memory data grids, data warehousing platforms, application environments, Hadoop and/or other big data platforms is required
  • Experience with SQL language, LDAP, scripting/coding (C/C++, Java, Python), and Web services (REST/SOAP) is preferred
  • Working experience with Database systems (any one of them): Postgres SQL /Oracle/MSSQL/Teradata is preferred
  • Solid understanding of information security principles, practices and technologies
  • Understanding of regulatory compliance requirements (such as PCI, HIPAA, Sarbanes-Oxley, Cross Border, GDPR) as they relate to data protection
  • Sound knowledge of cryptography and security protocols
  • Understanding and proficiency in development of secure architectures, requirements analysis, and investigation of leading edge technologies
  • Critical thinking and analytical skills is required
  • Effectively works with virtual, global teams – including diverse groups of people with varied backgrounds and cultural experiences
  • Good social skills with a customer focus (internal and external to J&J)
  • Results oriented/sense of urgency – ability to work towards tight timelines
  • Demonstrated experience in the creation and maintenance of operational documentation such as Standard Operating Procedures (SOP) and/or Work Instructions (WI)
  • Demonstrated time management ability, juggling multiple priorities over spans of time

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Primary Location
United States-New Jersey-Raritan-
Johnson & Johnson Services Inc. (6090)
Job Function
Information Security
Requisition ID