[Hiring] Senior Product Security Cloud Engineer @Johnson & Johnson Innovative Medicine

Role Description

Johnson & Johnson’s MedTech cybersecurity team is recruiting for an experienced Senior Product Security Cloud Engineer. The role can be remote-based or located onsite in Danvers, MA or Raritan, NJ. The role must work US East Coast hours and requires up to 10% travel.

As the world’s most comprehensive MedTech business, J&J MedTech Companies are building on a century of experience, merging science and technology, to shape the future of health and benefit even more people around the world.

Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First! culture? If that’s you, we have an immediate opportunity for a Sr. Manager Medical Devices Product Security to join the Product Cybersecurity team to help ensure security is implemented by design for this top-performing medical device company.

The Senior Product Security Cloud Engineer should have MS Azure experience and will be responsible for implementation of J&J’s enterprise Product Security strategy and framework for the Heart Recovery cloud and supporting platforms. This role will join Abiomed, part of Johnson & Johnson MedTech, to provide MS Azure Cloud technical expertise and strategic leadership in securing Impella heart pump cloud technologies, next-generation cardiac support systems, and connected medical devices to the MS Azure cloud.

• Responsible for delivering MS Azure cloud security architecture, cryptographic controls and Public Key Infrastructure (PKI), cloud security protections/controls, and threat mitigation techniques.
• Support heart recovery throughout a new product’s development phases.
• Define product security requirements and recommend security design solutions.
• Complete Quality documentation including product security plan, security requirements definition, threat modeling, cybersecurity architecture views, and risk assessments.
• Post-market responsibilities include monitoring for new vulnerabilities, developing monthly cybersecurity documentation, and assisting with patching and remediation plans.

Qualifications

• Bachelor’s degree or equivalent.
• 5+ years industry experience in CyberSecurity.
• 5+ years industry experience within MS Azure cloud.
• Experience working in a Cloud Scrum/Agile Azure DevOps environment.
• Familiarity with tools: Snyk, Veracode, Wiz, JIRA, Confluence.
• Experience with Containerization technologies such as Docker and Kubernetes.
• Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).
• Experience with security risk management techniques.
• Demonstrated organizational skills and attention to detail.
• Strong communication and interpersonal skills.

Requirements

• Experience with MS Azure cloud security architecture and design.
• Experience with connected medical devices or IoTs connected to the cloud.
• Drive alignment of the Cloud security controls and adherence to the J&J Product Security’s overarching framework.
• Experience creating or enhancing Cybersecurity Threat Model and Risk Assessment using STRIDE and CVSS frameworks.
• Define and enforce cryptographic protocols for data-at-rest and data-in-transit.
• Implement Zero Trust security for device-to-cloud connectivity.
• Oversee secure OTA update mechanisms.
• Perform threat modeling and cybersecurity risk assessment on Cloud infrastructure and applications.

Benefits

• Vacation – 120 hours per calendar year.
• Sick time - 40 hours per calendar year.
• Holiday pay, including Floating Holidays – 13 days per calendar year.
• Work, Personal and Family Time - up to 40 hours per calendar year.
• Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child.
• Bereavement Leave – 240 hours for an immediate family member; 40 hours for an extended family member per calendar year.
• Caregiver Leave – 80 hours in a 52-week rolling period.
• Volunteer Leave – 32 hours per calendar year.
• Military Spouse Time-Off – 80 hours per calendar year.