Sr. Analyst, SOC L2

Johnson & Johnson is recruiting for a Senior Analyst, Level 2 Cyber Threat Detection within the Cyber Security Operations Center (CSOC) supporting the Information Security and Risk Management (ISRM) group located in Raritan, NJ or Beerse, Belgium with a focus on Operational Technology (OT) and Industrial Control Systems (ICS). Other Johnson & Johnson locations may be considered. This role may require up to 10% travel.

Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science - bringing innovative ideas, products, and services to advance the health and well-being of people.

With $82.1 billion in 2020 sales, our company is the world’s most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world.

Position Summary

Are you driven by a sense of purpose? We are focused, driven, and dedicated to providing world-class Security incident handling services. On the Security Operations Center level 1 (SOC L1)/ level 2 (SOC L2) team, we continually supervise possible malicious activity in our environment, looking for malicious activity that could be an indication of a security incident. We analyze security alerts, assess threat impact and coordinate containment, mitigation and eradication strategies by investing in our people.

Key Responsibilities:

• Handling security incidents raised by our SOC L1 team and ensure timely handling of the incident. Add context to the incident to understand the behavior, analyzing data from multiple tools and data sources
• Act as a point of collaboration in coordinated efforts to analyze, assess and defend against cyber-attacks by partnering with IT/OT contacts, end users and ISRM colleagues
• Participate in the IT/OT security incident response process
• Make policy and rule recommendation to improve our detection rules and reduce False positives alerts through analysis, collaboration and metrics collection.
• Support project teams and colleagues on security issues and related internal control gaps.
• Analyze systems identified as potentially compromised
• Create or update procedural documentation on incident response detection activities

• A minimum of a bachelor’s degree or equivalent related experience is required.
• A Minimum of 5 years of overall professional IT / OT experience.
• A minimum of 1 years of security operations experience.
• A minimum of 1 year of experience with ICS systems, experience in supporting or troubleshooting industrial protocols.
• Advanced in English is required. (Advanced: writing, reading, and speaking)
• Knowledge of incident response processes.
• Strong IT experience with common operating systems, services, networking protocols, logging, attacker techniques / tools and the ability to articulate the relationship between the various data sources.
• Strong interest in and experience with Cybersecurity platforms, common industrial network protocols!
• A solid grasp of the current threat landscape including the latest tactics, tools, and procedures, common malware variants, and effective techniques for detecting this malicious activity.
• Superb interpersonal, verbal, and written communication skills.
• Possessing the credibility and presence to act as domain expert.
• Creative problem-solving skills.
• Results Orientation/Sense of Urgency – ability to drive to short timelines

Preferred:

• Experience working with virtual, global teams – including diverse groups of people with multifaceted backgrounds and cultural experience is preferred
• Security certifications such as CISSP, CISM, GCIH, GICSP or equivalent

The base pay range for this position is $72,000 to $101,000 USD. The Company maintains highly competitive, performance-based compensation programs. Under current guidelines, this position is eligible for an annual performance bonus in accordance with the terms of the applicable plan. The annual performance bonus is a cash bonus intended to provide an incentive to achieve annual targeted results by rewarding for individual and the corporation’s performance over a calendar/ performance year. Bonuses are awarded at the Company’s discretion on an individual basis.

Employees may be eligible to participate in Company employee benefit programs such as health insurance, savings plan, pension plan, disability plan, long-term incentive, vacation pay, sick time, holiday pay, and work, personal and family time off in accordance with the terms of the applicable plans. Additional information can be found through the link below.

For additional general information on company benefits, please go to: - https://www.careers.jnj.com/employee-benefits

At Johnson & Johnson, we’re on a mission to change the trajectory of health for humanity. That starts by creating the world’s healthiest workforce. Through cutting-edge programs and policies, we empower the physical, mental, emotional and financial health of our employees and the ones they love. As such, depending on location and subject to local legislation, candidates offered employment may be required to show proof of COVID-19 vaccination or, in certain countries, secure an approved accommodation prior to the commencement of employment to support the well-being of our employees, their families and the communities in which we live and work. If you are invited to interview for the position, your recruiter will advise on the vaccine requirement status in your geographic location.

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

#ISRM