Director- Policy, Governance and Compliance

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com Job Function: Technology Enterprise Strategy & Security Job Sub Function: Security & Controls Job Category: People Leader All Job Posting Locations: US160 NJ Raritan - 1003 US Highway 202 N Job Description: The Director, Cyber Policy, Governance & Compliance, is responsible for maintaining company cyber security policies in alignment with industry standards and emerging risks and driving compliance with global cybersecurity laws and regulations. They will develop, implement and maintain a comprehensive cyber compliance program, encompassing global governance and oversight for compliance with both internal policies and external law and regulations. The Director will keep ISRM senior leadership informed of compliance status and partner and collaborate with senior leaders of other compliance functions, including Legal, Privacy, Quality and Audit to support overall company compliance obligations. They will also work closely with various corporate functions to represent ISRM and the cybersecurity program. This position will be located in Raritan, NJ or remote work the in the U.S. Key Responsibilities: ? Develops strategy to ensure company cybersecurity policies and standards are in alignment with industry standards and compliance obligations. ? Drive creation of new policies and standards based on emerging risks and/or technology. ? Develop and maintain an overall cybersecurity governance and compliance program, including defining compliance metrics and reporting to relevant stakeholders. ? Apply relevant laws, regulations, and industry standards to the organization?s information systems and practices using a strategic approach for compliance. ? Act as an internal reference point for industry knowledge, proactively monitoring and updating the organization on emerging compliance issues. ? Lead the creation and maintenance of governance and compliance documentation and records. ? Communicate cybersecurity compliance requirements to senior management and business stakeholders, influencing their decisions for proactive actions to elevate the cyber posture. ? Partner and collaborate with other company compliance leaders and teams, including Privacy, Global Audit & Assurance, and Quality. ? Partner with Government Affairs to both identify and influence emerging cyber laws/regulations. ? Support Corporate stakeholders through the generation of cybersecurity program content (e.g., Environmental, Social & Governance). ? Provide People Leadership for the Policy, Governance & Compliance team, ensuring ongoing development of team members. ? Support ISRM organizational initiatives (e.g., Talent, Learning & Development, etc.).

Qualifications

Education: ? Bachelors degree is required Experience and Skills: Required: ? 8+ years of Information Security/IT Risk Management experience with growing responsibilities. ? 5+ years of cybersecurity governance and compliance experience. ? 3+ years of SOX controls and compliance experience. ? Experience with a variety of compliance frameworks, such as HIPAA and PCI DSS. ? Experience with cybersecurity frameworks, such as the NIST Cybersecurity Framework, ISO 27001, ISO 27002, and SOC2. ? Experience implementing, operating, and maturing cybersecurity compliance with relevant frameworks, standards, and regulations. ? Demonstrable record of effectively collaborating with virtual, global teams, including diverse groups of people with varied backgrounds and cultural experiences. ? Excellent communication and interpersonal skills. ? Experience at a large multinational organization. ? Ability to lead a diverse staff. Preferred: ? Certifications: Information Security & Risk Management certifications preferred. Other: ? 10% travel #JNJTech #LI-Remote #LI-RW1 Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act. Johnson and Johnson is committed to providing an interview process that is inclusive of our applicants? needs. If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center ([email protected]) or contact AskGS to be directed to your accommodation resource. The anticipated base pay range for this position is : The anticipated base pay range for this position is: $146,000- $251,850 Additional Description for Pay Transparency: The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation?s performance over a calendar/performance year. Bonuses are awarded at the Company?s discretion on an individual basis. Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company?s consolidated retirement plan (pension) and savings plan (401(k)). This position is eligible to participate in the Company?s long-term incentive program. Employees are eligible for the following time off benefits: Vacation ? up to 120 hours per calendar year Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington ? up to 56 hours per calendar year Holiday pay, including Floating Holidays ? up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. http://www.careers.jnj.com/employee-benefits The compensation and benefits information set forth in this posting applies to candidates hired in the United States. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market. Apply Job!