Manager- Cybersecurity Investigations

About the position Johnson and Johnson is recruiting for an Insider Risk Investigation Manager. This position will be based at our Raritan, NJ office. The Insider Risk Investigation Manager will contribute to a dynamic growing team and play a key role in the success of the Insider Risk program within Information Security & Risk Management (ISRM). At Johnson & Johnson, we believe good health is the foundation of vibrant lives, thriving communities and forward progress. That’s why for more than 135 years, we have aimed to keep people well at every age and every stage of life. Today, as the world’s largest and most broadly based healthcare company, we are committed to using our reach and size for good. We strive to improve access and affordability, create healthier communities, and put a healthy mind, body and environment within reach of everyone, everywhere. Every day, our more than 140,000 employees across the world are blending heart, science and ingenuity to profoundly change the trajectory of health for humanity.

Responsibilities

• Partner with expert teams such as HR, Audit, Legal, Physical Security, Cyberforensic teams, and J&J leadership to conduct investigation activities that support enterprise data protection and insider risk initiatives.
• Facilitate data value and business impact assessments of exfiltrated data to determine appropriate investigation actions.
• Interview subjects involved in data risk cases to establish activity root cause and intent, assess credibility, detect inconsistencies, and explore motives to determine appropriate action and remediation steps.
• Responsible for collection, analysis, and interpretation of relevant data activity, digital forensics, or other reports required for complete and thorough investigations.
• Produce timely case notes and statuses, metrics, and final case reports for assigned case load.
• Manage work consistently and accurately within team Case Management System.
• Contribute to accurate and comprehensive playbook and SOP documentation required for repeatable and defensible processes.
• Specify technical remediation requirements and provide specific guidance to investigation subjects.
• Recommend corrective actions required by subject or manager/team.
• Collaborate with Investigation Team on time sensitive, high priority cases.
• Escalate high risk events to leadership and stakeholders.
• Perform case debriefs to audiences with a mixed level of technical expertise including legal counsel and law enforcement.

Requirements

• BA/BS degree is required.
• 5+ years of proven experience in Insider Risk, Cybersecurity, or Technical Investigations.
• Demonstrated understanding of data security and data egress concepts and methods.
• Experience and proven ability to investigate and interview subjects as it relates to data exfiltration from a large organization.
• Minimum of 3 years of experience interviewing investigation subjects.
• Solid understanding and experience with Data Loss Prevention (DLP) systems and related security tools that supply Insider Risk alerts.
• Ability to directly manage or work with 3rd party firms and subjects to sanitize, recover, or securely remove data in a variety of systems, applications, and device types.
• Experience anticipating cyber forensic investigation needs, interpreting and analyzing cyber forensic reports from end user devices and network systems.
• Excellent listening skills and ability to detect and question implausible explanations and effectively challenge subjects with dubious intent.
• Ability to work independently and effectively in a dynamic corporate environment.
• Ability to adapt to frequent reprioritization of tasks based on risk factors.
• Familiarity and support of 18 U.S.C. 1831 & 1832.
• Consistently operate with confidentiality and communicate case information with careful discretion.

Nice-to-haves

• Experience and understanding of protecting trade secrets and intellectual property, data security, and data exfiltration methods.
• Experience in Insider Risk and investigations programs within highly complex and/or global environments.
• Background and experience in law enforcement, corporate security, or intelligence with requisite skills & experience in corporate investigations, debriefing, and case management processes and techniques.
• Understanding of Privacy legislation and requirements differences globally.

Benefits

• medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance.
• Company’s consolidated retirement plan (pension) and savings plan (401(k)).
• Vacation –120 hours per calendar year
• Sick time - 40 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year
• Holiday pay, including Floating Holidays –13 days per calendar year
• Work, Personal and Family Time - up to 40 hours per calendar year
• Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
• Condolence Leave – 30 days for an immediate family member: 5 days for an extended family member
• Caregiver Leave – 10 days
• Volunteer Leave – 4 days
• Military Spouse Time-Off – 80 hours

Apply tot his job Apply To this Job