Manager, Infra Security and Controls Apac

The Infrastructure Security and Controls Team in Johnson & Johnson Information Security & Risk Management (ISRM) Organization is recruiting for a manager (M1) based in Singapore.

Johnson & Johnson Strives to deliver high quality products and services to improve access and affordability of healthcare to everyone, everywhere. We are the world's most comprehensive and broadly-based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. We are a family of more than 250 Johnson & Johnson operating companies employing over 125,000 people and with products touching the lives of over a billion people every single day, throughout the world. If you have the talent and dream to touch the world, Johnson & Johnson has the career opportunities to help make it happen.

Johnson & Johnson recognizes that information is a critical business asset and that our ability to manage, control and protect this asset will have a direct and significant impact on our success as a business. In the world of growing cybersecurity risks, highly proficient Information Security specialists with an established deep technical background in IT systems are paramount in protecting J&Js information and information assets.

**Responsibilities**
- Serves as a regional Infrastructure Security and Controls partner ensuring all regionally based infrastructure services meet security policy while meeting business needs. Responsible to bridge regional TS Infrastructure leadership with senior ISRM leadership ensuring region security needs are proactively addressed
- Collaborates with technology teams to craft solutions that mitigate risk
- Analyses technically sophisticated architectures developed by J&J TS cloud platform teams for suitability of use of engineered cloud services. Works with platform teams to craft solutions which mitigate risk
- Evaluates and ensures the resolution of technically sophisticated security issues, internal control issues, critical incidents and/or crisis resolution management
- Proactively assesses the impact of regulatory and other security and internal control changes on IT processes and advises management on the implications of costs, performance issues, risks and business needs
- Proactively addresses partner expectations at the manager level and above, providing technical expertise on efficient approaches and balances internal controls, information security requirements, compliance and project/business requirements

**Other duties**
- Anticipates risks and issues of technical complexity based on understanding of business trends and the goals and objectives of the TS Infrastructure community
- Shares knowledge of future trends, tools, procedures and systems in infrastructure security, internal controls and risk management
- Reviews or prepares reports on risk management to be communicated to TS, IT and J&J senior management
- Participates in forums, benchmarking analyses, and processes that result in improvement, information sharing and innovation across J&J
- Develops networks of internal and external business partners, suppliers, the technical/legal community and consultants

**Qualifications** Qualifications/Skills**:

- Bachelors degree or equivalent in Computer Science, Engineering, or IT Security, masters/advanced degree or equivalent preferred
- 8 years of Information Security/ IT Risk Management/IT experience with growing technical responsibilities
- Proven proficiency in info security, and cloud computing domains as evidenced by industry certifications, including understanding of traditional and emerging threats with particular emphasis in Information Security controls and technologies to reduce operational and security risk
- Knowledge, understanding, and technical proficiency in cloud technologies/services (Virtual Private/Hybrid Cloud, SaaS, IaaS, PaaS, DBaaS) and the appropriate controls and processes to secure them or reduce risk
- Optimally works with virtual, global teams - including diverse groups of people with multifaceted backgrounds and cultural experiences
- Information Security & Risk Management certifications preferred
- Solid grasp of COBIT and / or ITIL is helpful
- Knowledge of key business processes is helpful
- GxP background an asset (desirable, but not required)

Johnson & Johnson Family of Companies are equal opportunity employers, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, protected veteran status, disability status, or any other characteristic protected by law.

**Primary Location**
Singapore-Singapore-Singapore
- **Organization**
Johnson & Johnson Pte. Ltd. (8435)

**Job Function**
Info Technology

**Requisition ID**
2206065630W