Manager, Network Security Engineering

Johnson & Johnson is looking for a Manager, Network Security Engineering to be part of a fast-paced, innovative, and highly visible team. The position will be in Raritan, New Jersey.

The Manager, Network Security Engineering will play a key role in the J&J Information Security and Risk Management organization. Her/His responsibilities include Engineering, Deployment, and product delivery of security technology. Role will be responsible for the implementation of a Zero-Trust infrastructure that provides security capabilities across the enterprise with a primary emphasis on Network Access Control Security, Zero-Trust Network Access, Network flow traffic analysis, inspection technologies, intrusion prevention, including next generation security technologies. Collaborates with key technology leads to seamlessly integrate advanced cybersecurity software, network security systems, and risk management frameworks that advance enterprise security capabilities and mitigate emergent security breaches. As a Product Manager, role is responsible and accountable for Designing, Building, Development and Engineering Support of network security related products and technologies. She/He will partner with other Information Technology groups, including, End-User, Network Services, Cloud infrastructure teams and Enterprise Technology to ensure Security products are deployed and aligned with all aspects of core infrastructure capabilities. In addition, the Manager of Network Security Engineering, needs to have great Communication (oral and written), leadership, and Business relationship skills to coordinate efforts during security incident and collaboration with other Information Security groups to provide guidance in the remediation of security findings.

RESPONSIBILITIES/PRINCIPAL DUTIES

• Own Network Security Engineering review services
• Plan, Design, Engineer, Test and "package", as well as Support and Manage product features and capabilities of Network Security technologies
• Plan, Design, Engineer, Test and "package" integration strategies and transition of existing and new technologies
• Design and create required documentation in support of Network Security products and technologies
• Partner with other IT and Business groups (including End-User, Network Services, Cloud and Enterprise Technology, external providers, vendors) to ensure effective and efficient design and functionality
• Manage Day to Day Security Products vendors ensuring prompt delivery of quality services, features, capabilities, bug fixes, etc. by developing and managing key performance indicators, and quality metrics
• Perform L3 Engineering related activities in support of the environment including troubleshooting issues and own escalation of issues as needed with respective vendors
• Candidate will make decisions related to the effectiveness of key security products and technologies for J&J and present to management
• Candidate will use their judgement and expertise to work through design and implementation issues throughout projects, escalating to the project team and management as appropriate
• Candidate will make decision regarding the prioritization of activities across the teams. Candidate must be able to make independent and binding determinations with regards to the cost effective, efficient and security design and implementation of the technologies
• Candidate will be responsible for management of new and emerging Network Security Technology Products and, support the Network Access Control technology (Policy lifecycle management, device profiling and visibility, security posture checks ensuring security-compliance by device type, operating system, and other networking access controls)
• Create, maintain, and continuously improve standard operating procedures, installation guides and knowledge articles
• Investigate opportunities to develop greater level of automation and API based integration
• Recommend configuration and enhancements for Network Security Products, based on contextual information and current Cybersecurity threat landscape
• Act as liaison with vendors and suppliers whose technologies are utilized
• Prepare and presents management level briefings on technology improvement recommendations
• Assist in the strategic information security direction for Johnson & Johnson and present to management, recommend new policy requirements and recommend program management decisions on relevant security programs
• Partner with Information Technology group and Information Security during incident response activities
• Assist with security events/incidents, supporting incident response activities with Cyber Security Operations as appropriate
• Perform other Network Security work-related duties as assigned
• Identify operational deficiencies, technology gaps and participate in actions plans to address them
• Participate in assigned security related projects as the Information Security owner and SME of these technologies, responsibilities include, but not limited to, defining required resources for completion, and identifying and highlighting possible technology, resource, and/or skill gaps
• Provide input and recommendations to management on the risk profile, emerging security trends (internal and external) and risk management strategies
• Recommend configuration and enhancements to ensure protection and productivity for Isolated Computing Environments (ICE)

Qualifications

• 7+ years' experience in Network Security or related field
• 4+ years of experience with Network Access Control technologies, Zero-Trust Network Access and/or Secure Services Information Security and/or Network Engineering experience, preferably within a global, regulated, healthcare industry, is required
• A Bachelor's Degree required with a preference in Computer Science, Engineering, Risk Management, Cyber Security, or a related field
• Must have people management experience
• Industry certifications like ITILv3, CISSP, CISM,CEH or equivalent security experience preferred
• Engineering, Deployment and Support experience with key Security Products and/or industry equivalent is required
• Experience in security tools / product roadmap development
• Understanding and deployment of Cisco ISE in a distributed design
• End user client provisioning, Certificate installation and management
• An understanding of network routing/switching security, firewalls, network management, configuration, DNS security, DDoS mitigation, traffic analysis, Intrusion Prevention Systems is required
• Demonstrated experience with Network Security Engineering, recognizing network-based threats and vulnerabilities is required
• Willingness and the ability to learn in a dynamic environment is required
• Experience working in large, global organization with strong influence and presentation skills
• Experience leading global projects and geographically diverse teams
• Experience with M&A activities and use of Zero-Trust technologies is required
• Demonstrated experience in writing and managing compliance / SDLC documentation, including the ability to coach others for the quality of content, is required
• Demonstrated ability to manage complex projects, priorities and/or multiple tasks

The anticipated base pay range for this position is $99,000- $170,200

#JNJTech

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.