Johnson & Johnson - Raritan, NJ

posted 18 days ago

Full-time - Director
Raritan, NJ
Chemical Manufacturing

About the position

The Director of Cyber Policy, Governance & Compliance at Johnson & Johnson is responsible for overseeing the company's cybersecurity policies and ensuring compliance with global laws and regulations. This role involves developing and maintaining a comprehensive cyber compliance program, collaborating with various corporate functions, and providing leadership to the Policy, Governance & Compliance team. The Director will also monitor emerging compliance issues and influence senior management decisions to enhance the organization's cybersecurity posture.

Responsibilities

  • Develop strategy to ensure company cybersecurity policies and standards are in alignment with industry standards and compliance obligations.
  • Drive creation of new policies and standards based on emerging risks and/or technology.
  • Develop and maintain an overall cybersecurity governance and compliance program, including defining compliance metrics and reporting to relevant stakeholders.
  • Apply relevant laws, regulations, and industry standards to the organization's information systems and practices using a strategic approach for compliance.
  • Act as an internal reference point for industry knowledge, proactively monitoring and updating the organization on emerging compliance issues.
  • Lead the creation and maintenance of governance and compliance documentation and records.
  • Communicate cybersecurity compliance requirements to senior management and business stakeholders, influencing their decisions for proactive actions to elevate the cyber posture.
  • Partner and collaborate with other company compliance leaders and teams, including Privacy, Global Audit & Assurance, and Quality.
  • Partner with Government Affairs to both identify and influence emerging cyber laws/regulations.
  • Support Corporate stakeholders through the generation of cybersecurity program content (e.g., Environmental, Social & Governance).
  • Provide People Leadership for the Policy, Governance & Compliance team, ensuring ongoing development of team members.
  • Support ISRM organizational initiatives (e.g., Talent, Learning & Development).

Requirements

  • A bachelor's degree is required, preferably in Computer Science, Engineering or Information Security/Cybersecurity.
  • 8+ years of Information Security/IT Risk Management experience with growing responsibilities.
  • 5+ years of cybersecurity governance and compliance experience.
  • 3+ years of SOX controls and compliance experience.
  • Experience with a variety of compliance frameworks, such as HIPAA and PCI DSS.
  • Experience with cybersecurity frameworks, such as the NIST Cybersecurity Framework, ISO 27001, ISO 27002, and SOC2.
  • Experience implementing, operating, and maturing cybersecurity compliance with relevant frameworks, standards, and regulations.
  • Demonstrable record of effectively collaborating with virtual, global teams, including diverse groups of people with varied backgrounds and cultural experiences.
  • Excellent communication and interpersonal skills.
  • Experience at a large multinational organization.
  • Ability to lead a diverse staff.

Nice-to-haves

  • Certifications: Information Security & Risk Management certifications preferred.

Benefits

  • Medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
  • Consolidated retirement plan (pension) and savings plan (401(k)).
  • Vacation - up to 120 hours per calendar year.
  • Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington - up to 56 hours per calendar year.
  • Holiday pay, including Floating Holidays - up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year.