Student Veterans of America Jobs

Welcome to SVA’s jobs portal, your one-stop shop for the most up-to-date employment opportunities. We have partnered with the National Labor Exchange to provide you this information. You may be looking for part-time employment to supplement your income while you are in school. You might be looking for an internship to add experience to your resume. Or you may be completing your training and ready to start a new career. This site has all of those types of jobs.

Here are a few things you should know:
  • This site is mobile friendly. You do not need a log-in or password to access information.
  • Jobs on this site are original and unduplicated and come from three sources: the Federal government, state workforce agency job banks, and corporate career websites. All jobs are vetted to ensure there are no scams, training schemes, or phishing.
  • The site is refreshed daily to remove out-of-date content.
  • The newest jobs are listed first, so use the search features to match your interests. You can look for jobs in a specific geographical location, by title or keyword, or you can use the military crosswalk. You may want to do something different from your military career, but you undoubtedly have skills from that occupation that match to a civilian job.

Job Information

J&J Family of Companies Sr Manager, Product Security Risk Management Engineer in Boston, Massachusetts

Sr Manager, Product Security Risk Management Engineer - 2406216035W

Description

Johnson & Johnson is currently recruiting for a Senior Manager, Product Security Risk Management Engineer within the Johnson & Johnson Technology (JJT) organization. This role will be based in Raritan, NJ; Irvine, CA; or remote US.

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated and cured, where treatments are smarter and less invasive and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow and profoundly impact health for humanity. Learn more at https://www.jnj.com/ .

The Senior Manager, Product Security Risk Management Engineer will be responsible for implementation of the ISRM Product Security Risk Management Process. This includes identifying key strategies and goals, collaborating with internal organizations on existing process and policy enhancements, creating and communicating metrics to MedTech management, identifying communications plans, and raising overall awareness of the capability. Specific responsibilities include supporting MedTech Business Units throughout a medical device & digital health solution lifecycle to establish vulnerability management solutions, review product security requirements and recommend security design solutions throughout dispositioning, and lead the coordinated vulnerability disclosure process.

The key responsibilities will be:

  • Reporting directly to the Product Security Program Operations Director, this role spearheads the integration of vulnerability management and leads initiatives to bolster the cybersecurity resiliency across the MedTech business.

  • Mature the ISRM product security vulnerability risk management process and drive changes into Business Unit Quality Management Systems.

  • Develop and lead risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever high exploit vulnerabilities occur.

  • Create risk management metrics and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials).

  • Ensure standardization of security reviews and identification of security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy.

  • Lead the creation of product security vulnerability management strategy and training through all ISRM product security.

  • Identify key tooling for vulnerability identification through the total product lifecycle.

  • Identify key research sources, analysis material, and correlation tooling to further develop the vulnerability management process.

  • Lead the ISRM MedTech Coordinated Vulnerability Disclosure Process.

  • Applies ISRM product security policies and standards when performing all duties.

Qualifications

Required

  • Bachelor’s degree or equivalent in computer science or similar engineering discipline

  • Minimum 10 years relevant experience, or equivalent combination of education/experience.

  • Must be a subject matter expert in vulnerability management, including scanning, remediation, stakeholder engagement, system administration and engineering.

  • CISSP or any combination of related subject matter expertise certifications to fully demonstrate a deep, comprehensive and thorough knowledge of cybersecurity vulnerability management.

  • Experience with SBOM creation/scanning automation

Preferred:

  • Experienced in the following domains: API security, vulnerability scanning, compliance and threat detection, OWASP Top 10 API Security, Web App Security, AppSec, SAST, DAST, and SCA (software composition analysis).

  • Experience or good understanding of the different enterprise components to publish and use APIs (e.g., API Gateways (Apigee), Microservices, Cloud Components, Load Balancers, WAFs)

  • Experience with API security testing, vulnerability scan and compliance reporting.

  • Experience with OWASP Top 10 for Web App & APIs.

  • Experience with Postman Collections, Swagger, OpenAPI, and other common formats for organizing and functionally testing REST APIs.

  • Excellent analytical, written, and verbal communication skills – capable of explaining complex requirements in simple words.

  • Comfortable with conflicts and capable of influencing cross-functional teams without formal authority.

  • Any programming or integration experience in the past will be highly beneficial.

  • Healthcare medical equipment network integration management experience.

  • Limited travel required, up to 10%, including international travel.

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

For more information on how we support the whole health of our employees throughout their wellness, career and life journey, please visit www.careers.jnj.com.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

The anticipated base pay range for this position is $118,000 to $203,550.

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis.

  • Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.

  • Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).

  • Employees are eligible for the following time off benefits:

      • Vacation – up to 120 hours per calendar year

      • Sick time – up to 40 hours per calendar year; for employees who reside in the State of Washington – up to 56 hours per calendar year

      • Holiday pay, including Floating Holidays – up to 13 days per calendar year

      • Work, Personal and Family Time – up to 40 hours per calendar year

  • Additional information can be found through the link below. https://www.careers.jnj.com/employee-benefits

The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.

Primary Location: NA-US-New Jersey-Raritan

Other Locations: NA-United States, NA-US-California-Irvine

Organization: Johnson & Johnson Services Inc. (6090)

Job Function: Security & Controls

Req ID: 2406216035W