Cyber-Security/Risk Management /Engineer Assoc. Analyst
Feed your passion.
What type of mark will YOU make?
Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products and services to advance the health and well-being of people. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day.
Johnson & Johnson is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. There are more than 275 Johnson & Johnson operating companies employing approximately 128,000 people in 60 countries throughout the world.
Opportunities exist within the Johnson & Johnson US-based Family of Companies that will specialize in cyber-security/risk management. The team’s overall mission is to measure, and put programs into place to reduce the overall risk profile of J&J’s portfolio of digital assets. The Digital Asset Risk Management (DARM) team sits within the Information Security and Risk Management (ISRM) organization and is responsible for assessing security of Johnson & Johnson internet-facing web applications and public-facing mobile applications. You will join the global team that performs web application security testing for all publicly facing J&J digital assets on a regular basis. (S)he will also collaborate with other security team members and developers, and provide guidance in the remediation of security findings.
Position Responsibilities (include but not limited to)
- Replicate the actual techniques and tools used by malicious attackers to model potential external threats.
- Analyze test results, draw conclusions from results, and develop targeted exploit examples.
- Prepare test plans and test result reports. Present the results to development teams.
- Collect and report key metrics for identified vulnerabilities in web and mobile applications.
- Verify digital assets are developed and managed according to the Information Asset Protection Policies (IAPP’s).
- Research, evaluate, recommend, and configure new testing tools used for web security testing and validation activities that can be added to the testing toolbox.
- Coordinate with existing tools team and maintain security testing tools environment.
- Identify and Investigate emerging trends in technologies and digital media.
- Ability to bridge high-level security ideas to practical application
- Knowledge of information security concepts and challenges with emerging security-relevant technologies
- Knowledge of SOX controls and SDLC, preferred
- Ability to perform forensic analysis
Thriving on a diverse company culture, celebrating the uniqueness of our employees and committed to inclusion, J&J is proud to be an equal opportunity employer.Qualifications
- You are authorized to work permanently in the U.S. and live in the U.S.
- Cumulative GPA of 3.0 or better at time of interview and hire, preferred.
- A Bachelors or Master’s degree attained between June 2017 – June 2018.
- Your degree in a relevant field (Cybersecurity, Information Assurance, Information Security, Information Systems Security, Information Technology, Computer & Network Security; Computer Engineering, Computer Science, Software Engineering / Development, or something equivalent.)
- Required to relocate geographically within the United States.
- Experience working in the healthcare industry, preferred.
- Advanced analytics and problem solving skills.
- Willingness and ability to learn in a dynamic environment.
- A passion for and knowledge of leading and emerging technologies.
- Understanding of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
- Understanding of, and the ability to recognize, various types of application security vulnerabilities. Understanding of OWASP Top 10.
- Knowledge of Drupal preferred.
- Knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX preferred.
- Proven analytical and problem solving skills, as well as the desire to assist others in solving issues.
- Highly motivated with the willingness to take ownership / responsibility for their work and the ability to work alone or as part of a team.
- Passion for a career in technology
Primary Location: United States--
Other Locations: North America-United States-Pennsylvania, North America-United States-New Jersey
Organization: Johnson & Johnson (6067)
Job Function: Info Technology
Requisition ID: 00001AQO
Johnson & Johnson
Our Family of Companies comprises:
The world’s premier consumer health company.
The world’s largest and most diverse medical devices company.
The world’s third-largest biologics company.
And the world’s sixth-largest pharmaceuticals company.
We have more than 250 operating companies in 57 countries employing 120,200 people. Our worldwide headquarters is in New Brunswick, New Jersey, USA.
Health Care, Medical Devices & Diagnostics, Pharmaceuticals, Consumer
Company Type: Public Company
Company Size: 10,001+