
Principal Product Security Engineer

Johnson & Johnson

Rockville · flexible Full-time Lead 1mo ago

About the role

About

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity.

Role

Technology Enterprise Strategy & Security Solution Architecture Scientific/Technology

We are searching for the best talent for a Principal Product Security Engineer to be located in Danvers, MA or Raritan, NJ. Remote work options may be considered on a case-by-case basis and if approved by the Company.

Are you passionate about security and interested in joining a community of collaborative colleagues working in a Patient First! culture? If that’s you, we have an immediate opportunity for a Principal Product Security Engineer to join the newly formed Product Security team to help ensure security is implemented by design for this top-performing medical device company. This is an exciting opportunity to impact development initiatives that will shape future product development and industry standards.

You will own the Product Security process, which includes both the pre-market and post-market processes that engineering teams leverage throughout the product development lifecycle. If you are eager to leverage your security risk and compliance skills to make a difference and directly impact patient lives, this could be perfect for you.

Responsibilities

  • Partner with engineering teams (cloud, console, pump, etc.) to drive successful adherence to Abiomed’s product security policies, processes, and program objectives.
  • Act as a SME on cyber security matters and provide guidance to development teams.
  • Advocate for proactive inclusion of cyber security input into all phases of the product life cycle, process improvements, CAPAs, and strategic product road map planning.
  • Deliver documentation for pre-market product development activities including security plans, architecture diagrams, data flow diagrams, threat models, security requirements, Design for Security, SBOM, and risk management documentation.
  • Maintain relationships with Abiomed’s Information Sharing and Analysis Organizations.
  • Guide teams to make decisions that balance business needs with medical device security objectives.
  • Work across organizational boundaries and exhibit empathy with customers, both internal and external.

Qualifications

  • Bachelor’s degree
  • 5+ years industry experience in Information Security.
  • Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO27001, SOC2, HIPAA, GDPR).
  • Experience with security risk management techniques.

Location Details

This role requires being at the office in Danvers, MA for a minimum of 3 days per week (for candidates within commutable distance to site). Remote work options may be considered on a case-by-case basis and if approved by the Company.

EEO Statement

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or other characteristics protected by federal, state or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

If you are an individual with a disability and would like to request an accommodation, please email the Employee Health Support Center ( ) or contact AskGS to be directed to your accommodation resource.

Compensation & Benefits

The anticipated base pay range for this position is : $

The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/performance year. Bonuses are awarded at the Company’s discretion on an individual basis.

Employees and/or eligible dependents may be eligible to participate in the following Company sponsored employee benefit programs: medical, dental, vision, life insurance, short- and long-term disability, business accident insurance, and group legal insurance. Employees may be eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)). for employees who reside in the State of Washington – up to 56 hours per calendar year Holiday pay, including Floating Holidays – up to 13 days per calendar year of Work, Personal and Family Time - up to 40 hours per calendar year Additional information can be found through the link below. Candidates hired outside the United States will be eligible for compensation and benefits in accordance with their local market.

Skills

NIST Cybersecurity Framework, 401(k), GDPR, HIPAA, ISO27001, SOC2
