Johnson & Johnson is the world’s most comprehensive and broadly based healthcare Company, touching the lives of nearly a billion people every day. Our Family of Companies throughout the world compete in consumer, pharmaceutical, and medical devices and diagnostics markets and have the skills and resources to tackle the world’s most pressing health issues.
1. 포지션: Sr. Manager Information Security Officer
2. 근무지: 서울시 용산구
3. 근무 형태: Regular
Summary
The Sr. Manager Information Security Officer is responsible for establishing and maintaining a company wide information and security management program to oversee protection of people, assets, infrastructure, and technology from malicious attacks and to ensure that information assets are adequately protected to meet local privacy and security regulations. The role also serves as focal point for all assurance activities related to the availability, integrity and confidentiality of customer, business partner, employee, and business information in compliance with the J&J Information Asset Protection Policies. A key element of Korea, the manager will work with executive management to determine acceptable levels of risks for the organization.
Responsibilities
Appointed to local South Korea for cross sector J&J Korea companies will follow below roles and responsibilities as defined by South Korea Privacy and Security Laws:
– Establish, manage, and operate information security management system
– Analyze, assess, and improve information security weaknesses
– Prevent and respond to data breach or data incidents as a focal reporting point for any security related incidents
– Prepare preventive information protection measures, design, and implement security measures, etc.
– Review of information security risk
– Assess whether the level of encryption and security server for important data are adequate
– Carry out other necessary measures for information security as required by Korea PIPA and Network Act, including ISMS certification, annual information security public disclosure to the Ministry of Science & ICT, cybersecurity insurance.
– Responsible for response to inquiries or investigations from Personal Information Protection Commission (PIPC), Korea Internet & Security Agency (KISA) or similar regulatory authorities
– Review and rebase line changes in privacy and security laws, closely work with privacy and legal team
– Externalize and participate in privacy and security legislation process
– Engage with local legal on regulatory requirements and regulator engagement
– Lead Korea Privacy & Security project by providing advice and security guidance
– Alignment on Risk mitigation and reduction to meet local regulation
– Participate in business planning to ensure cybersecurity capabilities are appropriately considered and included in plans. (budget, resource )
– Actively advise, assess and lead Business and IT partners in the development of secure information systems and solutions in line with organization’s cybersecurity architecture, IAPP policies and regulatory requirements.
– Lead activities for security audit preparation, hosting and follow-up activities and to propose strategies to improve performance in audits.
– Facilitate education and training to the organization on cybersecurity procedures and controls.
– Provide leadership and drive employee engagement with ownership in the Information Security Committee.
– Connect with and report valuable metrics to management and senior leadership.
– Timely reporting of security incidents or significant security problems to appropriate personnel.
– Act as the main point of contact for security issues for their area of influence.
Requirements
– A Bachelor’s degree in information security or information technology and a minimum of 10 years of progressive experience in the information security or information technology sector.
– Professional security management certification
– Knowledge of common information security management frameworks, such as ISO/IEC 27001, and NIST.
– Experience with implementation or review of compliance with local/ international security standards or regulations is preferred
– Security certifications such as CISSP, CCSP, ISSAP, CISM, etc. is preferred
– Excellent written and verbal communication skills and high level of personal integrity
– Innovative thinking and leadership with an ability to lead and motivate cross-functional, interdisciplinary teams
– Qualified as an ISMS (i.e., information security management systems) certification review member who has been certified by the pertinent certification body for information security management systems; or
– Review Penetration Report and consult to the project team and Sr. leaders
– Experience in design and implementation of enterprise (security) architecture, cloud security (e.g. AWS, Azure) and/or development of IT solutions or services.
– Experience in securing various levels of the enterprise architecture (data, application, host, middleware, network, Infrastructure)
– Experience working in complex, fast-paced environments
– Experience supporting, leading and influencing security assessments (e.g. SOC Type 2 reporting, PCI, ISO 27001).
– Big Picture Thinking / Attention to Detail – align strategic and tactical
– Previous experience developing effective and strong partnerships along with relationship building skills with business leaders and IT Partners
– Results Orientation/Sense of Urgency – ability to drive to short timelines
– Excellent interpersonal skills
– Creative problem-solving skills
– Customer focus (internal & external)
– Fluent in English and Korean (in verbal and written)
– Superb communication and collaboration skills, able to network and influence various levels of the organization, cross sector, cross-functionally and globally
– Proven ability to influence/collaborate to get to desired result
지원 방법
www.careers.jnj.com 접속 -> Position Number 2206063220W 검색 -> 해당 모집 공고의 “Apply Now” 클릭 후 온라인 지원 프로세스 진행
제출 서류
영문 자유 양식의 이력서/자기소개서 (Resume/Cover Letter)
서류 마감일
채용시 마감
For more Johnson & Johnson
– J&J Careers 유튜브 채널 : https://www.youtube.com/channel/UCZEsWOZwbcjcXHrgYq7sP4Q
– J&J Korea Facebook: https://www.facebook.com/JNJCareersKorea/
– J&J Linkedin: https://www.linkedin.com/company/johnson-&-johnson/
– J&J Corporate Page: http://www.jobkorea.co.kr/Company/1605233/Info
유의사항
– 서류를 PDF 로 된 한 개의 파일로 미리 준비 하시기 바랍니다.
– 서류 전형 합격자에 한하여 개별 통보합니다. 단, 회사 사정에 따라 지연 될 수 있습니다.
– 온라인 접수시 “Create Your Account” 를 통해 개인 이메일 계정을 등록하신 후 온라인 지원 프로세스를 진행할 수 있습니다. Ex) G-mail/Naver/Daum 등
– 모집 분야 관련하여 자세한 내용은 J&J 홈페이지에서 확인하시기 바랍니다. www.careers.jnj.com
More Information
- Address Yongsan-gu
- Experience Level Manager
- Total Years Experience 10-20
