Senior Analyst Operational Technology Network Vulnerability & Threat Monitoring Job
Johnson & Johnson is currently recruiting for a Senior Analyst, Operational Technology (OT) Network Vulnerability & Threat Monitoring (NTM) within its Information Security and Risk Management (ISRM) group. This position will be based out of Raritan, NJ.
Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 130 years. We embrace research and science — bringing innovative ideas, products and services to advance the health and well-being of people.
With $81.6 billion in 2018 sales, Johnson & Johnson is the world’s most comprehensive and broadly-based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. There are more than 250 Johnson & Johnson operating companies employing over 125,000 people and with products touching the lives of over a billion people every day, throughout the world. If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen.
The Senior Analyst, OT Network Vulnerability & Threat Monitoring will be a member of the larger Security technology, Authentication and Response Services (STARS) team that is responsible for engineering, deploying, operating security solutions, and Cyber Security Operations Center (CSOC).
The Senior Analyst will be responsible for the OT Network Vulnerability & Threat Monitoring program, platform, solution, and service management. The Senior Analyst will also be responsible for engineering, deploying, operating, maintaining, demonstrating, training and tuning activities related to J&J’s OT Network Threat Monitoring infrastructure, collaborating with Security Engineering, Security Monitoring, and OT.
They will regularly perform L1 & L2 related activities, including solving issues with hardware and or software, raise issues as needed to the vendor or other teams as necessary for resolution. The Senior Analyst will also perform administration tasks associated with the associated Operating System (OS) and Application, including but not limited to alerts, rules, device configurations, patching, and upgrades. This position will partner with internal ISRM teams such as the CSOC as well as other departments under the J&J Technology umbrella including but not limited to OT, Supply Chain, End User Support, Server, and Network to ensure OT Network Vulnerability & Threat Monitoring services are deployed and operated in alignment with policy and standard methodologies.
- Designing, engineering, implementing, integrating, demonstrating, and operational activities related to J&J’s OT Cyber Security Network Threat Monitoring solutions, platforms, and infrastructure partnering with Security Engineering, Operations, Security Monitoring, Network, IT and OT.
- Perform L1 & L2 related activities in support of the platform, including solving issues with hardware and software.
- Perform administration tasks associated with the associated Operations System (OS) and Application, including but not limited to tuning, alerts, correlation rules, signatures, device configurations, patching, and upgrades.
- Evaluate security and the NTM solution architectures, designs, and processes to determine their adequacy and effectiveness. Verify stability, interoperability, portability, and scalability of NTM architecture.
- Establish yourself as the domain expert on the OT Cyber Security NTM to evangelize, articulate, and influence the success of the program and solutions.
- Define and implement NTM solution availability and ensure that requirements identify appropriate disaster recovery and continuity of operations requirements to include any proper fail-over/alternate site requirements, backup requirements, and material supportability requirements for system recovery/restoration.
- Perform risk analysis (e.g., alert, threat, vulnerability, and the probability of occurrence) of the evolving landscape. Analyze identified malicious activity to figure out weaknesses exploited, exploitation methods, effects on the system, and information. Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
- Assess threats to and vulnerabilities of the OT infrastructure, systems, and networks to develop a security risk profile.
- Characterize and analyze data to identify anomalous activity and potential threats to the OT system and network resources.
- Ensure that security design and cybersecurity development activities are adequately documented (providing a functional description of security design, engineering, implementation, operations, SDLC) and updated as necessary.
- Develop and maintain process activities and related documentation (e.g., system life-cycle support plans, the concept of operations, operational procedures, maintenance, knowledge base, and training materials).
- Establish and maintain relationships with the suppliers, vendors, and partners in the information and OT security industry.
- Identify, define opportunities to improve efficiency and effectiveness, and prioritize essential enhancements capabilities and functions that would enable improvements in OT cybersecurity risk reduction and enhancing capacity of the NTM solutions, operations, and reporting.
- Maintain knowledge of applicable Security Operations policies, regulations, and compliance documents specifically related to security.
- Communicates and reports information about alerts, threats, and vulnerabilities to appropriate parties.
- Develop reports, metrics, key performance indicators, key risk indicators, trends, operations status, project status.
- Assists with security events/incidents, coordinating activities with Global SOC, SOC L2, Operations, and others – as appropriate.
- Provide support to SOC, Incident Response, and Cyber Investigations teams as needed.
- Partner with IT, OT contacts end-users, and ISRM during response activities.
- A minimum of a Bachelor’s degree is required.
- A minimum of 4 years of work experience is required.
- Proven expertise in network architecture, network security, network traffic, and packet analysis (TCP/IP, OSI model, & Purdue model, Unix CLI, Wireshark/Tshark, TCPdump) is required.
- Strong knowledge of information security principles, debugging, root cause analysis, and troubleshooting skills is required.
- Technical experience in the installation, configuration, and operation of security solutions and appliances in a sizeable complex environment is required.
- Experience with Windows, Unix, virtualization technologies, scripting, PowerShell, and API integration is required.
- Strong knowledge and experience deploying or supporting security practices and technologies such as risk or vulnerability assessments, intrusion detection systems, and SIEM is required.
- Outstanding analytical skills, experience with data, and evidence based decision making is required.
- Demonstrated effectiveness within large, diverse operating environments is required.
- Demonstrated ability to lead complex projects, priorities, and multiple tasks are required.
- Possessing the credibility and presence to act as a domain expert is required.
- Must have a strong work ethic and communication (written and verbal), allowing them to communicate with both technical and non-technical audiences.
- Must have the skill to collaborate, influence others with limited direct authority.
- Demonstrable ability to identify deficiencies and drive corrective actions to address them is required.
- Ability to develop, maintain, and actively update security technology policies and standards as appropriate is required.
- Experience providing input and recommendations to the management and partners on the threat, emerging security trends, and risk management strategies is required.
- Excellent interpersonal, creative problem-solving skills and Customer focus (internal & external) required.
- Proven results in the creation and “maintenance” of operational documentation such as Standard Operating Procedures (SOP) and Work Instructions (WI) is preferred.
- Security certifications such as CISSP, GICSP, and Linux, Networking, Microsoft, or other technical certifications are preferred.
- This position is located in Raritan, NJ and may require up to 10% travel.
Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.
Need to Boost Your Computer Science and Data Science Skills?
- IBM Data Science Professional Certificate by IBM
- Java Programming and Software Engineering Fundamentals Duke University
- Mathematics for Machine Learningby Imperial College London
- Cloud Computing by University of Illinois
- Data Mining by University of Illinois
- Applied Data Science with Python by University of Michigan
- Data in Database by Arizona State University
- Excel Skills for Business by Macquarie University
- Financial Management by University of Illinois
- Financial Reporting by University of Illinois
- Leading – Human Resource Management and Leadership by Macquarie University
United States-New Jersey-Raritan-
Johnson & Johnson Services Inc. (6090)