This job has expired

IT Analyst, Security Analytics and Automation (SAA)

Johnson & Johnson Vision
Not Specified
Not Specified

Job Description


Information Security and Risk Management (ISRM) is recruiting for a(n) IT Analyst, Security Analytics and Automation (SAA), located in either Raritan, NJ, Beerse or Singapore. Caring for the world, one person at a time has inspired and united the people of Johnson & Johnson for over 125 years. We embrace research and science -- bringing innovative ideas, products, and services to advance the health and well-being of people. With $82.1 billion in 2020 sales, Johnson & Johnson is the world's most comprehensive and broadly based manufacturer of health care products, as well as a provider of related services, for the consumer, pharmaceutical, and medical devices markets. Employees of the Johnson & Johnson Family of Companies work with partners in health care to touch the lives of over a billion people every day, throughout the world. If you have the talent and desire to touch the world, Johnson & Johnson has the career opportunities to help make it happen. The IT Analyst will work with cyber security professionals to craft and implement security analytics critical to security monitoring. The engineer will also develop and deploy security workflows on automation platform Cortex XSOAR, collaborating with relevant Security Engineering teams, integrating with numerous security tools and services across J&J's environment. This position will partner with internal Information Security & Risk Management teams such as the Cyber Security Operations Center (CSOC) and other groups under the J&J Technology umbrella, including but not limited to Network, DARM, Data Protection, OT/IT, and Server. Key Responsibilities: Maintain and solve any issues related to the Cortex XSOAR platform to ensure minimal downtime, working with the vendor as necessary Develop a wide gamut of Cortex XSOAR integrations with security platforms within ISRM leveraging their respective APIs (REST, GraphQL, SOAP, etc.) Develop Cortex XSOAR playbooks and automations to orchestrate security logic and enhance operational workflows, creating incident tickets as necessary Collaborate closely with teams across the CSOC and Information Security & Risk Management to identify and define opportunities to improve efficiency and effectiveness through automation, prioritizing essential capabilities and functions that would enable reduction in cybersecurity risk Take part in a global security analytics program, developing threat analytics based on internal and external intelligence reporting and vulnerability research to detect emerging threats Document security analytics, mapping them to the MITRE ATT&CK framework Provide support to CSOC, Incident Response, and Cyber Investigations teams as needed Maintain knowledge of applicable Security Operations policies, regulations, and compliance documents specifically related to security Define alert rules on JNJ's SIEM platforms Qualifications Experience and Skills: Required: A minimum of a bachelor's degree or equivalent is required. MS and/or advanced degree is preferred A minimum of two (2) years of relevant work experience is required Proven expertise working with the Python 2.x and 3.x programming language Experience integrating through diverse (REST) APIs Solid understanding of information security principles, debugging, root cause analysis, and troubleshooting skills Must have a strong work ethic and communication (written and verbal), allowing them to communicate with technical and non-technical audiences Excellent creative problem-solving skills and customer mindedness This position could be located in Raritan, NJ Beerse, or Singapore. This role may require up to 10% of travel. Preferred: Familiarity with ServiceNow and the Security Incident Response (SIR) module, both from a user and programmatic standpoint Familiarity with development tools such as Postman, Notepad++, SublimeText, and Atom Experience working with code management software such as git and BitBucket Basic knowledge of different OSes (Windows, RHEL, CentOS, etc.) Hands-on experience with Security Information and Event Managements (SIEM) platforms and associated investigations Experience working with virtual, global teams - including diverse groups of people with multifaceted backgrounds and cultural experiences Other: English language skills - Proficient Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability. Primary Location United States-New Jersey-Raritan-1000 US HIghway 202 Other Locations Asia Pacific-Singapore-Singapore-Singapore, Europe/Middle East/Africa-Belgium-Antwerp-Beerse Organization Johnson & Johnson Services Inc. (6090) Job Function Info Technology Requisition ID 2105962226W

Job Details

Similar Jobs

Career Advice to Find Better