Partner with engineering and other cross-functional teams (cloud, console, pump, etc.) to drive successful adherence to J&J Heart Recovery's product security program.
Deliver documentation for pre-market development activities including security plans, architecture and data flow diagrams, threat models, requirements, SBOM, and risk documentation.
Define and implement key management infrastructure (PKI, HSMs, TPMs, and secure enclave integration) for device identity, authentication, and software signing.
Monitor and drive post-market vulnerability management activities, with adherence to strict timelines.
Support compliance certification activities, such as SOC2, FedRAMP, ISO 27001, etc.
Identify, research, evaluate, and integrate new compliance requirements and industry standards/trends into the product security program.
Guide teams to make decisions that balance business needs with security objectives.
Thinks across organizational boundaries and empathizes with customers, both internal and external.
Perform other related duties and responsibilities, as assigned.

Requirements

Bachelor’s degree in Computer Science, Information Systems, or related field.
4+ years industry experience in Information Security.
Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).
Experience with security risk management techniques and tactics.
Experience working in a regulated environment, FDA-regulated preferred.
Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines.
Committed to working with a sense of urgency and embracing new challenges.
Strong communication and interpersonal skills.

Benefits

medical, dental, vision, life insurance
short- and long-term disability
business accident insurance
group legal insurance
pension plan
401(k) savings plan
vacation –120 hours per calendar year
sick time - 40 hours per calendar year
holiday pay, including Floating Holidays –13 days per calendar year
Work, Personal and Family Time - up to 40 hours per calendar year
Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
Condolence Leave – 30 days for an immediate family member: 5 days for an extended family member
Caregiver Leave – 10 days
Volunteer Leave – 4 days
Military Spouse Time-Off – 80 hours

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

security plansarchitecture diagramsdata flow diagramsthreat modelsSBOMrisk documentationkey management infrastructurePKIHSMsTPMs

Soft Skills

organizational skillsattention to detailability to handle multiple assignmentssense of urgencycommunication skillsinterpersonal skillsempathy

Certifications

SOC2FedRAMPISO 27001NIST Cybersecurity FrameworkHIPAAGDPR