Job Description
Company: Johnson & Johnson
Location: US
Senior Product Security Cloud Engineer
Johnson & Johnson’s MedTech cybersecurity team is recruiting for an experienced Senior Product Security Cloud Engineer. The role can be remote‑based or located onsite in Danvers, MA or Raritan, NJ. The role must work US East Coast hours and requires up to 10% travel.
Responsibilities
• Design and implement MS Azure cloud security architecture, cryptographic controls, PKI and other cloud security protections.
• Support heart recovery product development phases, defining product security requirements and recommending design solutions.
• Create and maintain security documentation: product security plan, security requirement definitions, threat models, cybersecurity architecture views per FDA pre‑Market Guidance, risk assessments using STRIDE and CVSS, SBOM and SCA.
• Coordinate internal and external penetration testing, code analysis (SAST/DAST), and development of cybersecurity risk management reports.
• Monitor monthly post‑market vulnerabilities (CVEs), assist with patching and remediation plans, and produce monthly cybersecurity documentation.
• Respond to customer security questionnaires and review security language within contractual agreements.
• Advise engineering teams on secure design, DevSecOps integration, and CI/CD pipeline hardening.
• Partner with R&D Engineering to implement managed identities, secure OTA update mechanisms, and zero‑trust device‑to‑cloud connectivity.
• Ensure compliance with FDA requirements, NIST, FIPS, IEC and other regulatory frameworks.
• Support compliance certification activities: SOC2, FedRAMP, ISO 27001, C5 in Germany, etc.
• Identify and integrate new industry standards and best practices into the security program.
• Other related duties as assigned.
Qualifications
• Bachelor’s degree or equivalent.
• 5+ years of experience in cybersecurity, including 5+ years with MS Azure cloud.
• Experience in a Cloud Scrum/Agile Azure DevOps environment.
• Familiarity with tools such as Snyk, Veracode, Wiz, JIRA and Confluence.
• Containerization experience with Docker and Kubernetes.
• Knowledge of regulatory standards: NIST CSF, ISO 27001, SOC2, HIPAA, GDPR.
• Experience with security risk management techniques.
• Strong organizational, communication and interpersonal skills.
• Committed to urgent staffing and embracing new challenges.
Preferred
• Experience working in an FDA‑regulated environment.
• Experience with medical devices connected to MS Azure cloud.
• CISM, CISSP or CCSP certification.
Pay Transparency
The anticipated base pay range for this position is $94,000.00 – $151,800.00.
Benefits
• Vacation – 120 hours per calendar year.
• Sick time – 40 hours per calendar year; 48 hours in Colorado; 56 hours in Washington.
• Holiday pay, including floating holidays – 13 days per calendar year.
• Work, personal and family time – up to 40 hours per calendar year.
• Parental leave – 480 hours within one year of birth/adoption/foster care.
• Bereavement leave – 240 hours for immediate family member; 40 hours for extended family member per year.
• Caregiver leave – 80 hours over 52‑week rolling period.
• Volunteer leave – 32 hours per calendar year.
• Military spouse time‑off – 80 hours per calendar year.
Equal Opportunity Employer
Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.
Johnson & Johnson is committed to providing an interview process that is inclusive of our applicants’ needs. If you have a disability and would like to request an accommodation, please contact us via https://www.jnj.com/contact-us/careers or contact AskGS to be directed to your accommodation resource.
Source: Jobrapido