Johnson & Johnson · 1 month ago
Analyst, Cyber Risk Assessment
Johnson & Johnson is a leading healthcare company committed to innovation in health solutions. The Cyber Security Analyst will be part of the Information Security & Risk Management team, focusing on identifying and assessing cyber risks within hosted solutions and collaborating with a global team of cybersecurity professionals.
Hospital & Health Care
Responsibilities
Perform and lead technical application risk assessments, design reviews, risk rankings, and collaboration on remediation strategies as needed
Perform in-depth reviews of control implementation evidence to assess control sufficiency, operating effectiveness, and any gaps requiring remediation
Communicate cybersecurity risk assessment results to key stakeholders and management and provide input on remediation plans
Enhance cyber risk assessment processes by defining and implementing process improvements
Support the design of cybersecurity controls to ensure proper design implementation and assurance testing
Offer consulting support to the larger cybersecurity team on risk assessment understanding and remediation
Qualification
Required
A bachelor's degree in Computer Science, Engineering or Information Security/Cybersecurity or equivalent degree is required
3+ years of direct cybersecurity risk assessment experience, including application of risk assessment/management concepts and internal controls and using a GRC tool to support security risk objectives
Proficiency in conducting and leading application-level risk assessments, including data classification, risk scoring, and mitigation planning
Ability to translate technical findings into business impact for key partners
Strong analytical and problem-solving skills
Strong interpersonal skills to build and maintain relationships with internal partners
Preferred
Experience securing cloud environments and/or SaaS platforms
Understanding of secure software development life cycle (SSDLC), threat modeling, and vulnerability management
Foundational knowledge of regulatory requirements (e.g., SOX 404, Privacy, HIPAA, GxP, cyber regulations)
Experience with security standards and control frameworks (e.g., FAIR, ISO 27001, NIST, SOC 2, OWASP Top 10, CSA STAR)
Benefits
Subject to the terms of their respective plans, employees are eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
Vacation – 120 hours per calendar year
Sick time – 40 hours per calendar year; for employees who reside in the State of Colorado – 48 hours per calendar year; for employees who reside in the State of Washington – 56 hours per calendar year
Holiday pay, including Floating Holidays – 13 days per calendar year
Work, Personal and Family Time - up to 40 hours per calendar year
Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
Bereavement Leave – 240 hours for an immediate family member; 40 hours for an extended family member per calendar year
Caregiver Leave – 80 hours in a 52-week rolling period; 10 days
Volunteer Leave – 32 hours per calendar year
Military Spouse Time-Off – 80 hours per calendar year
Company
Johnson & Johnson
At Johnson & Johnson, we believe health is everything.
H1B Sponsorship
Johnson & Johnson has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (48)
2024 (56)
2023 (58)
2022 (59)
2021 (44)
2020 (27)
Funding
Current Stage
Late Stage
Company data provided by crunchbase