CYBERSECURITY ANALYST - SHOCKWAVE MEDICAL

Johnson & Johnson is hiring for a Cybersecurity Analyst - Shockwave Medical to be located in Santa Clara, CA.
At Johnson & Johnson, we believe health is everything.
Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal.
Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity.
Learn more at https://www.
nj.
om/.
For more than 130 years, diversity, equity & inclusion (DEI) has been a part of our cultural fabric at Johnson & Johnson and woven into how we do business every day.
Rooted in Our Credo, the values of DEI fuel our pursuit to create a healthier, more equitable world.
Our diverse workforce and culture of belonging accelerate innovation to solve the world’s most pressing healthcare challenges.
We know that the success of our business – and our ability to deliver meaningful solutions – depends on how well we understand and meet the diverse needs of the communities we serve.
Which is why we foster a culture of inclusion and belonging where all perspectives, abilities and experiences are valued and our people can reach their potential.
At Johnson & Johnson, we all belong.
Shockwave Medical, Inc., recently acquired by Johnson & Johnson, is a pioneer in the development and commercialization of Intravascular Lithotripsy (IVL) to treat complex calcified cardiovascular disease.
Shockwave Medical aims to establish a new standard of care for medical device treatment of atherosclerotic cardiovascular disease through its differentiated and proprietary local delivery of sonic pressure waves for the treatment of calcified plaque.
Position Overview The IT Security Analyst role will be responsible for assisting in the implementing, maintaining, and monitoring of security tools, resources, and other technology at Shockwave Medical.
The ideal candidate will be someone who is tactical with knowledge of industry standard best practices and recognized frameworks.
The position will have you coordinate all security functions and processes required to support business operations and to keep the Shockwave Medical infrastructure, data and network secure.
It requires working closely with senior leadership globally to establish security and compliance practices, oversee day-to-day matters relating to security and compliance, and to address any security or compliance related challenges.
Essential Job Functions Monitor the security operations tools and resources while coordinating with SOC with alerts and findings.
Assists in the implementation of new security technologies while optimizing existing security technologies.
Provides recommendations to operational IT teams and business units on processes, controls, and objectives around information security activities, best practices, and process improvements.
Keeps informed regarding new and emerging information technology trends including IAM solutions, endpoint protection technologies, web application firewalls and intrusion prevention, encryption, access control methodologies, IDS/IPS systems, SIEM tools and network scanners.
Performs periodic and on-demand system and vulnerability assessments related to third party risk management.
Develops, updates, and assists in maintaining Information Security Awareness training documentation and materials.
Coordinates with enterprise risk management function for appropriate impact analyses.
Maintains working understanding of HIPAA Privacy and Security Rules, GLBA and PCI assessments through execution of audit tests, controls reviews, issues identification and areas for improvement.
Maintains working understanding of technical control testing aligned with NIST CSF and COBIT.
Maintains working understanding of common OS and domain structures, servers, services, and associated vulnerabilities.
Maintains working understanding of network engineering and local and wide area (LAN/WAN) technologies and topologies.
Maintains working understanding of cloud deployments and associated risk considerations.
Qualifications BS or BA preferred.
1 to 3 years of IT or Information Security experience.
Security certifications (Sec+, CySA+, CASP+, etc.) or the willingness to obtain certifications desirable.
Knowledge of EDR, Email Security, DLP, and other security technologies.
Familiarity with physical security control systems (badging, door lock controls, camera systems) desirable.
Familiarity with ISO , SOC1/2 auditing and associated requirements.
Familiarity/experience with FDA and SOX regulated environments.
Strong written and verbal communication skills to communicate effectively at all levels.
Ability to work in a fast-paced environment while managing multiple priorities.
Ability to operate as a team and/or independently while demonstrating flexibility to changing requirements.
The anticipated base pay range for this position is $ to $.
The Company maintains highly competitive, performance-based compensation programs.
Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan.
The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year.
Bonuses are awarded at the Company’s discretion on an individual basis.
Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs.
medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
Employees are eligible for the following time off benefits.
Vacation – up to 120 hours per calendar year Sick time - up to 40 hours per calendar year; for employees who reside in the State of Washington – up to 56 hours per calendar year Holiday pay, including Floating Holidays – up to 13 days per calendar year Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below.
For additional general information on Company benefits, please go to.
https://www.
areers.
nj.
om/employee-benefits This job posting is anticipated to close on January, .
The Company may however extend this time-period, in which case the posting will remain available on https://www.
areers.
nj.
om to accept additional applications.
NOTE.
This job description is not intended to be all-inclusive.
Employee may perform other related duties as assigned or negotiated to meet the ongoing needs of the organization.
Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment.
Please contact us to request accommodation.