Apply

Ready to go for it?

AI Apply speeds things up—apply directly if you prefer.

FREE ACCESS
5,000–10,000 jobs/day
JobTailor Logo

See all jobs on JobTailor

Search thousands of fresh jobs every day.

Discover
  • Fresh listings
  • Fast filters
  • No subscription required
Create a free account and start exploring right away.
Johnson & Johnson

Senior Director, GRC, IT Controls, Cyber Culture

Johnson & Johnson

Senior cybersecurity leader for Governance, Risk & Compliance at DePuy Synthes. Overseeing enterprise-level IT controls and security culture programs to enhance organizational resilience.

Posted 7/14/2026full-timeRaritan • Florida, Massachusetts, New Jersey, Pennsylvania • 🇺🇸 United StatesSenior💰 $178,000 - $307,050 per yearWebsite

Core Competencies

Role fit
Core Competencies

Use this summary to align your resume positioning with the role.

Demonstrates extensive expertise in cybersecurity risk management, compliance frameworks, and IT controls, with a strong focus on governance, risk oversight, and executive reporting. Proven ability to lead cross-functional teams and influence stakeholders to align security priorities with business objectives.

Highest-signal resume keywords
Cybersecurity Risk ManagementGovernance, Risk, And Compliance (GRC)IT Controls And Assurance FrameworkExecutive ReportingCISSP, CISM, CRISC Certifications

ATS Keywords

Tailor your resume
Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills
Risk IdentificationRisk AssessmentMitigation PlanningControl MonitoringCompliance OversightIssue ManagementControl EffectivenessAudit ReadinessSecurity GovernanceCyber Risk Advisory
Soft Skills
LeadershipInfluencing StakeholdersCollaborationCommunication
Certifications & Qualifications
CISSPCISMCRISC
Industry Keywords
CybersecurityInformation SecurityTechnology Risk ManagementSOX Control ExpectationsAssurance Practices

Tech Stack

Tools & technologies
Cyber Security

About the role

Key responsibilities & impact
  • Build and mature the enterprise GRC function, including governance forums, risk management processes, compliance oversight, control monitoring, issue management, and executive reporting.
  • Provide leadership and oversight for the BISO manager organization, ensuring consistent engagement with business leaders, effective cyber risk advisory support, and alignment of security priorities to business objectives.
  • Lead enterprise cyber risk management activities, including risk identification, assessment, mitigation planning, escalation, and reporting to senior leadership and governance bodies.
  • Own the enterprise cybersecurity policy and standards lifecycle - from creation and implementation to continuous review - ensuring clarity, compliance, and alignment with organizational goals.
  • Establish and operationalize an enterprise IT controls and assurance framework that enables consistent control design, testing, monitoring, reporting, and continuous improvement across the organization.
  • Drive cybersecurity compliance with applicable global regulations, standards, and frameworks, ensuring the organization can demonstrate control effectiveness and audit readiness.
  • Lead security awareness, behavior, and culture initiatives that improve workforce accountability, reduce human-centric risk, and embed secure practices into day-to-day business operations.
  • Provide executive-level reporting on cybersecurity risk, compliance status, control effectiveness, assurance outcomes, and program maturity to senior leadership and governance bodies.

Requirements

What you’ll need
  • Bachelor’s degree in Information Security, Computer Science, Engineering, or a related field.
  • 12–14 years of progressive experience in cybersecurity, information security, technology risk management, IT controls, or GRC, including senior leadership roles.
  • Experience leading BISO, cyber risk advisory, security governance, or business aligned cybersecurity teams.
  • Deep knowledge of cybersecurity risk management, compliance frameworks, IT controls, SOX control expectations, assurance practices, and audit readiness.
  • Proven ability to influence executive stakeholders and partner effectively across IT, Finance, Internal Audit, External Audit, Legal, Risk, Compliance, and business leadership functions.
  • Language: English (fluent).
  • Travel: Up to 20%, domestic and international.
  • Certifications (preferred): CISSP, CISM, CRISC, or equivalent.

Benefits

Comp & perks
  • Subject to the terms of their respective plans, employees are eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
  • This position is eligible to participate in the Company’s long-term incentive program.
  • Subject to the terms of their respective policies and date of hire, employees are eligible for the following time off benefits:
  • Vacation –120 hours per calendar year.
  • Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado –48 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year.
  • Holiday pay, including Floating Holidays –13 days per calendar year.
  • Work, Personal and Family Time - up to 40 hours per calendar year.
  • Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child.
  • Bereavement Leave – 240 hours for an immediate family member: 40 hours for an extended family member per calendar year.
  • Caregiver Leave – 80 hours in a 52-week rolling period.
  • Volunteer Leave – 32 hours per calendar year.
  • Military Spouse Time-Off – 80 hours per calendar year.