Cyber-Security/Risk Management /Engineer Assoc. Analyst

Full Time
New Brunswick, NJ
Areas of Interest: Test and Evaluation, Threat Analysis, Vulnerability Assessment and Management
report a problem

Feed your passion.
What type of mark will YOU make?

Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products and services to advance the health and well-being of people. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day.

Johnson & Johnson is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. There are more than 275 Johnson & Johnson operating companies employing approximately 128,000 people in 60 countries throughout the world.

Opportunities exist within the Johnson & Johnson US-based Family of Companies that will specialize in cyber-security/risk management. The team’s overall mission is to measure, and put programs into place to reduce the overall risk profile of J&J’s portfolio of digital assets. The Digital Asset Risk Management (DARM) team sits within the Information Security and Risk Management (ISRM) organization and is responsible for assessing security of Johnson & Johnson internet-facing web applications and public-facing mobile applications. You will join the global team that performs web application security testing for all publicly facing J&J digital assets on a regular basis.  (S)he will also collaborate with other security team members and developers, and provide guidance in the remediation of security findings.


Position Responsibilities (include but not limited to) 

  • Replicate the actual techniques and tools used by malicious attackers to model potential external threats.
  • Analyze test results, draw conclusions from results, and develop targeted exploit examples.
  • Prepare test plans and test result reports.  Present the results to development teams.
  • Collect and report key metrics for identified vulnerabilities in web and mobile applications.
  • Verify digital assets are developed and managed according to the Information Asset Protection Policies (IAPP’s).
  • Research, evaluate, recommend, and configure new testing tools used for web security testing and validation activities that can be added to the testing toolbox.
  • Coordinate with existing tools team and maintain security testing tools environment.
  • Identify and Investigate emerging trends in technologies and digital media. 
  • Ability to bridge high-level security ideas to practical application
  • Knowledge of information security concepts and challenges with emerging security-relevant technologies
  • Knowledge of SOX controls and SDLC, preferred
  • Ability to perform forensic analysis

Thriving on a diverse company culture, celebrating the uniqueness of our employees and committed to inclusion, J&J is proud to be an equal opportunity employer.

  • You are authorized to work permanently in the U.S. and live in the U.S.
  • Cumulative GPA of 3.0 or better at time of interview and hire, preferred.
  • A Bachelors or Master’s degree attained between June 2017 – June 2018.
  • Your degree in a relevant field (Cybersecurity, Information Assurance, Information Security, Information Systems Security, Information Technology, Computer & Network Security; Computer Engineering, Computer Science, Software Engineering / Development, or something equivalent.)
  • Required to relocate geographically within the United States.
  • Experience working in the healthcare industry, preferred.
  • Advanced analytics and problem solving skills.
  • Willingness and ability to learn in a dynamic environment.
  • A passion for and knowledge of leading and emerging technologies.
  • Understanding of application security mechanisms such as authentication and authorization techniques, data validation, and the proper use of encryption
  • Understanding of, and the ability to recognize, various types of application security vulnerabilities.  Understanding of OWASP Top 10.
  • Knowledge of Drupal preferred.
  • Knowledge of PHP, Python, Java, JavaScript, SQL, HTML5, and CSS3 preferred.
  • Knowledge of Web Services technologies such as XML, JSON, SOAP, REST, and AJAX preferred.
  • Proven analytical and problem solving skills, as well as the desire to assist others in solving issues.
  • Highly motivated with the willingness to take ownership / responsibility for their work and the ability to work alone or as part of a team.
  • Passion for a career in technology

Primary Location:  United States--
Other Locations:  North America-United States-Pennsylvania, North America-United States-New Jersey
Organization:  Johnson & Johnson (6067)
Job Function:  Info Technology
Requisition ID:  00001AQO

Johnson & Johnson Family of Companies are equal opportunity employers, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status, or any other characteristic protected by law. EEO is the law | EEO is the law GINA Supplement

Share this job:

Johnson & Johnson

Caring for the world, one person at a time... inspires and unites the people of Johnson & Johnson. We embrace research and science - bringing innovative ideas, products and services to advance the health and well-being of people. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.

Our Family of Companies comprises:

The world’s premier consumer health company.
The world’s largest and most diverse medical devices company.
The world’s third-largest biologics company.
And the world’s sixth-largest pharmaceuticals company.

We have more than 250 operating companies in 57 countries employing 120,200 people. Our worldwide headquarters is in New Brunswick, New Jersey, USA.

Health Care, Medical Devices & Diagnostics, Pharmaceuticals, Consumer
Visit Johnson & Johnson's Social Media pages:
Company Industry: Hospital & Health Care
Company Type: Public Company
Company Size: 10,001+