Johnson & Johnson is recruiting for a Manager, Third Party Integrated Risk Management. This position is preferably based in Raritan (NJ), USA or Beerse, Belgium. This role may require up to 5% travel.
Are you ready to utilize your technical expertise and security knowledge to change the trajectory of health for humanity? We have a position for you!
Caring for the world, one person at a time, has inspired and united the people of Johnson & Johnson for over 130 years. We embrace research and science -- bringing innovative ideas, products, and services to advance the health and well-being of people.
At Johnson & Johnson, we believe good health is the foundation of vibrant lives, thriving communities and forward progress. That’s why for more than 130 years, we have aimed to keep people well at every age and every stage of life. Today, as the world’s largest and most broadly-based healthcare company, we are committed to using our reach and size for good. We strive to improve access and affordability, create healthier communities, and put a healthy mind, body and environment within reach of everyone, everywhere. Every day, our more than 130,000 employees across the world are blending heart, science and ingenuity to profoundly change the trajectory of health for humanity.
Thriving on a diverse company culture, celebrating the uniqueness of our employees, and committed to inclusion. Proud to be an equal opportunity employer!
As a member of the ISRM integrated Risk Management team, the Manager, Third Party Integrated Risk Management (TPiRM) Governance will manage the process to identify and assess potential information and cyber security risks associated with third-party relationships within our organization. This role plays a crucial part in safeguarding our company's data, business processes, reputation, and compliance with relevant regulations.
You will develop and manage processes in support of the third party risk framework, identifying risks and driving improvements to enhance security processes and controls around third parties. You will influence other internal functions within J&J regarding business partner security policies, practices, and procedures.
- Lead comprehensive assessment of prospective third-party vendors with a focus on their cybersecurity capabilities and data protection measures.
- Identify and evaluate potential cyber risks associated with third-party vendors, considering their impact on the security and confidentiality of our data and processes.
- Monitor the industry landscape for emerging threats with external partners.
- Provide professional expertise on third-party and security consulting to internal partners.
- Collaborate with other members of ISRM, the J&J Compliance function, and the J&J Global Privacy and Procurement organizations to influence vendor risk management processes across the organization.
- Derive insights from key risk indicators and report on status of compliance to cybersecurity policy requirements and risk identification.
- Support special projects and other duties as assigned.
- A minimum of a bachelor’s degree or equivalent degree is required. An advanced degree is preferred.
Experience and Skills:
- A minimum of 7 years of business experience.
- A minimum of 5 years of experience in risk management, cybersecurity or business risk analysis.
- Experience with performing security audits and assessments.
- Experience with Third Party Risk Management.
- Highly motivated with the willingness to take ownership and responsibility for work.
- Strong interpersonal skills to build and maintain relationships with internal stakeholders.
- Excellent organizational and time management skills.
- Willingness to learn and adapt to evolving information security practices.
- Focused, structured, and logical approach to problem solving.
- Demonstrated ability to lead multiple projects successfully.
- Enjoy working in a global and diverse team environment.
- Experience with security standards (e.g. ISO27001, NIST, etc.).
- Certifications in cybersecurity (CISM, CISSP), audit (CISA), or risk management (CRISC).
- Experience working with GRC tools (e.g. ServiceNow).
- Experience with Supply Chain.
Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
For more information on how we support the whole health of our employees throughout their wellness, career, and life journey, please visit www.careers.jnj.com.
The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market. The anticipated base pay range for this position is $99,000 to $172,000.
The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding individual and corporate performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis.
Employees may be eligible to participate in Company employee benefit programs such as health insurance, savings plan, pension plan, disability plan, vacation pay, sick time, holiday pay, and work, personal and family time off in accordance with the terms of the applicable plans. Additional information can be found through the link below.
For additional general information on company benefits, please go to: