FREE ACCESS
5,000–10,000 jobs/day
See all jobs on JobTailor
Search thousands of fresh jobs every day.
Discover
- Fresh listings
- Fast filters
- No subscription required
Create a free account and start exploring right away.

Senior Director, GRC, IT Controls, Cyber Culture
Johnson & JohnsonSenior cybersecurity leader for Governance, Risk & Compliance at DePuy Synthes. Overseeing enterprise-level IT controls and security culture programs to enhance organizational resilience.
Posted 7/14/2026full-timeRaritan • Florida, Massachusetts, New Jersey, Pennsylvania • 🇺🇸 United StatesSenior💰 $178,000 - $307,050 per yearWebsite
Core Competencies
Role fitCore Competencies
Use this summary to align your resume positioning with the role.
Demonstrates extensive expertise in cybersecurity risk management, compliance frameworks, and IT controls, with a strong focus on governance, risk oversight, and executive reporting. Proven ability to lead cross-functional teams and influence stakeholders to align security priorities with business objectives.
Highest-signal resume keywords
Cybersecurity Risk ManagementGovernance, Risk, And Compliance (GRC)IT Controls And Assurance FrameworkExecutive ReportingCISSP, CISM, CRISC Certifications
ATS Keywords
Tailor your resumeApplicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills
Risk IdentificationRisk AssessmentMitigation PlanningControl MonitoringCompliance OversightIssue ManagementControl EffectivenessAudit ReadinessSecurity GovernanceCyber Risk Advisory
Soft Skills
LeadershipInfluencing StakeholdersCollaborationCommunication
Certifications & Qualifications
CISSPCISMCRISC
Industry Keywords
CybersecurityInformation SecurityTechnology Risk ManagementSOX Control ExpectationsAssurance Practices
Tech Stack
Tools & technologiesCyber Security
About the role
Key responsibilities & impact- Build and mature the enterprise GRC function, including governance forums, risk management processes, compliance oversight, control monitoring, issue management, and executive reporting.
- Provide leadership and oversight for the BISO manager organization, ensuring consistent engagement with business leaders, effective cyber risk advisory support, and alignment of security priorities to business objectives.
- Lead enterprise cyber risk management activities, including risk identification, assessment, mitigation planning, escalation, and reporting to senior leadership and governance bodies.
- Own the enterprise cybersecurity policy and standards lifecycle - from creation and implementation to continuous review - ensuring clarity, compliance, and alignment with organizational goals.
- Establish and operationalize an enterprise IT controls and assurance framework that enables consistent control design, testing, monitoring, reporting, and continuous improvement across the organization.
- Drive cybersecurity compliance with applicable global regulations, standards, and frameworks, ensuring the organization can demonstrate control effectiveness and audit readiness.
- Lead security awareness, behavior, and culture initiatives that improve workforce accountability, reduce human-centric risk, and embed secure practices into day-to-day business operations.
- Provide executive-level reporting on cybersecurity risk, compliance status, control effectiveness, assurance outcomes, and program maturity to senior leadership and governance bodies.
Requirements
What you’ll need- Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field.
- 12–14 years of progressive experience in cybersecurity, information security, technology risk management, IT controls, or GRC, including senior leadership roles.
- Experience leading BISO, cyber risk advisory, security governance, or business aligned cybersecurity teams.
- Deep knowledge of cybersecurity risk management, compliance frameworks, IT controls, SOX control expectations, assurance practices, and audit readiness.
- Proven ability to influence executive stakeholders and partner effectively across IT, Finance, Internal Audit, External Audit, Legal, Risk, Compliance, and business leadership functions.
- Language: English (fluent).
- Travel: Up to 20%, domestic and international.
- Certifications (preferred): CISSP, CISM, CRISC, or equivalent.
Benefits
Comp & perks- Subject to the terms of their respective plans, employees are eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
- This position is eligible to participate in the Company’s long-term incentive program.
- Subject to the terms of their respective policies and date of hire, employees are eligible for the following time off benefits:
- Vacation –120 hours per calendar year.
- Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado –48 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year.
- Holiday pay, including Floating Holidays –13 days per calendar year.
- Work, Personal and Family Time - up to 40 hours per calendar year.
- Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child.
- Bereavement Leave – 240 hours for an immediate family member: 40 hours for an extended family member per calendar year.
- Caregiver Leave – 80 hours in a 52-week rolling period.
- Volunteer Leave – 32 hours per calendar year.
- Military Spouse Time-Off – 80 hours per calendar year.