Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Johnson & Johnson

Senior Product Security Cloud Engineer

Johnson & Johnson

Senior Product Security Cloud Engineer implementing J&J's security strategy for Heart Recovery cloud technologies. Leading cybersecurity efforts for medical devices connected to MS Azure.

Posted 5/8/2026full-timeRemote • Maine, Massachusetts, Nevada, Pennsylvania, South Carolina • 🇺🇸 United StatesSenior💰 $94,000 - $151,800 per yearWebsite

Tech Stack

Tools & technologies
AzureCloudCyber SecurityDockerKubernetes

About the role

Key responsibilities & impact
  • The Senior Product Security Cloud Engineer should have MS Azure experience and will be responsible for implementation of J&J’s enterprise Product Security strategy and framework for the Heart Recovery cloud and supporting platforms.
  • This role will join Abiomed, part of Johnson & Johnson MedTech, to provide MS Azure Cloud technical expertise and strategic leadership in securing Impella heart pump cloud technologies, next-generation cardiac support systems, and connected medical devices to the MS Azure cloud.
  • This role is responsible for delivering MS Azure cloud security architecture, cryptographic controls and Public Key Infrastructure (PKI) , cloud security protections/controls, and threat mitigation techniques to ensure robust, regulatory-compliant security across the product lifecycle.
  • Specific responsibilities include supporting heart recovery throughout a new product’s development phases, define product security requirements and recommend security design solutions, complete Quality documentation that includes development of the following: product security plan, security requirements definition, threat modeling, cybersecurity architecture views per FDA pre-Market Guidance for Medical Devices, cybersecurity risk assessment leveraging STRIDE and CVSS, Software Bill of Materials (SBOM), Software Composition Analysis (SCA) against the SBOM, SAST (Static Application Security Testing), DAST (Dynamic Application Security Testing), additional security testing including coordinating internal and external Pen Testing, and development of the cybersecurity risk management report, code analysis and other security testing work as needed.
  • Additionally, this position will have post-market MS Azure Cloud responsibilities for Heart Recovery marketed devices delivered monthly that include monitoring for new vulnerabilities (CVEs), developing the monthly cybersecurity documentation with approvals, assisting with patching and remediation plans.

Requirements

What you’ll need
  • Bachelor’s degree or equivalent
  • 5+ years industry experience in CyberSecurity.
  • 5+ years industry experience within MS Azure cloud
  • Experience working in a Cloud Scrum/Agile Azure DevOps environment.
  • Familiarity with some or all of these tools: Snyk, Veracode, Wiz, JIRA, Confluence.
  • Experience with Containerization technologies such as Docker and Kubernetes.
  • Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).
  • Experience with security risk management techniques.
  • Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines.
  • Committed to working with a sense of urgency and embracing new challenges.
  • Strong communication and interpersonal skills.
  • Preferred: Experience working in an FDA-regulated environment.
  • Preferred: Experience working with medical devices connected to the MS Azure Cloud
  • Preferred: CISM or CISSP or CCSP certification.

Benefits

Comp & perks
  • Retirement plan (pension) and savings plan (401(k))
  • Vacation –120 hours per calendar year
  • Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado –48 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year
  • Holiday pay, including Floating Holidays –13 days per calendar year
  • Work, Personal and Family Time - up to 40 hours per calendar year
  • Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
  • Bereavement Leave – 240 hours for an immediate family member: 40 hours for an extended family member per calendar year
  • Caregiver Leave – 80 hours in a 52-week rolling period
  • Volunteer Leave – 32 hours per calendar year
  • Military Spouse Time-Off – 80 hours per calendar year

ATS Keywords

✓ Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
MS Azurecloud security architecturecryptographic controlsPublic Key Infrastructure (PKI)threat modelingcybersecurity architectureSoftware Bill of Materials (SBOM)Static Application Security Testing (SAST)Dynamic Application Security Testing (DAST)security risk management
Soft Skills
organizational skillsattention to detailability to handle multiple assignmentssense of urgencyembracing new challengesstrong communication skillsinterpersonal skills
Certifications
CISMCISSPCCSP