RedwoodCityRecruiter Since 2001
the smart solution for Redwood City jobs

Product Security Manager Cloud Platform

Company: Johnson & Johnson
Location: Redwood City
Posted on: June 6, 2021

Job Description:

Johnson & Johnson's Information Security & Risk Management organization is recruiting for a Product Security Engineer, Cloud to support the J&J Auris Data Platform based in Redwood City, CA or any other US-based location. "Work location is flexible if approved by the Company except that the position may not be performed remotely from Colorado." The Product Security Engineer will be responsible for securely engineering and operating the AWS-based Auris Data Platform (ADP). This cloud platform functions as the connectivity hub for the MONARCH Platform and future systems and services. Specific tasks include translating high-level security requirements into specific and detailed implementation recommendations, reviewing/approving security-focused user stories, generating acceptance criteria, reviewing Quality and cybersecurity documentation, and coordinating periodic security testing. Key Responsibilities: Embed with R&D and product teams to manage prioritization of security backlog items, review user stories, write acceptance criteria, etc. General accountability for secure engineering of platform infrastructure and features. Responsible for running periodic vulnerability scans against the code base and assist development teams in fixing the vulnerabilities. Administer and configure SIEM tools. Help select and implement IDS, IPS and DLP tools. Respond to alerts and adverse events and assist in remediation as needed. Help assist in the implementation of Single Sign-On (SSO) solution. Provide governance and high-level direction for security operations functions and vendors. Perform regular reviews and analysis of security reports and issues, propose solutions where appropriate and lead their remediation. Support ongoing SOC-2, HIPAA and other internal and external assessments and certifications. Respond to customer questionnaires and contractual language related to platform security. Qualifications Education: Bachelor's degree or equivalent work experience is required. Master's or other relevant advanced degree preferred. Experience and Skills: Required: A minimum of 8 years of experience in AWS security and/or comparable cloud-based cybersecurity roles Excellent knowledge of security concepts like Encryption, anti-virus applications, content filtering, firewalls, authentication, IDS, IPS, DLP, etc. on Cloud Platforms (AWS Strongly Preferred). Hands-on experience with Logging and Monitoring Tools (Datadog, AlertLogic or similar). Hands-on experience with web application firewalls (Cloudflare, Akamai or similar) Strong hands-on experience in installation, configuration, and administration of security tools on the AWS Platform. Experience with cybersecurity risk assessments, threat modeling, vulnerability management, security auditing and remediation. Understanding of pen testing, vulnerability scanning, CVSS and/or other general security testing principles with the ability to provide specific recommendations on how to fix resulting vulnerabilities. Practical experience with implementation of HIPAA, HITRUST, NIST and/or other healthcare-related regulatory frameworks Ability to work autonomously and proactively seek out security opportunities within the ADP. Big Picture/Attention to Detail - align strategic and tactical. Results Orientation/Sense of Urgency - ability to drive to tight timelines. Excellent communication and collaboration skills, able to network, interface and influence at all levels of the organization, cross-functionally and globally. Strong leadership skills. Preferred: Security certification like CISSP/ AWS Security Specialist/ CEH or CSSLP a strong plus. Hands-on experience with software security tools and platforms like Checkmarx, Black Duck, Jfrog Xray, etc. Hands-on experience with vulnerability assessment tools Qualys, Nexpose, etc. Knowledge of product or medical device security or MDDS platforms. Working knowledge of microservices architecture and API security. Cognito and Okta experience/knowledge. Experience with GDPR. Experience working within Agile methodology. Understanding of Quality Design Control processes and FDA submission process. Other: No recurring travel is anticipated, but post-COVID periodic trips to NJ and Redwood City may be needed if candidate is not based locally about 10%. Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Primary Location United States-California-Redwood City-150 Shoreline Dr Other Locations North America-United States Organization Auris Health, Inc. (6267) Job Function R&D Requisition ID 2105935121W

Keywords: Johnson & Johnson, Redwood City , Product Security Manager Cloud Platform, Other , Redwood City, California

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Log In or Create An Account

Get the latest California jobs by following @recnetCA on Twitter!

Redwood City RSS job feeds