Lead Product Security Engineer

Johnson & Johnson

Remote

Quick summary

Work type: Remote
Location: Remote
Salary: $94,000–$151,800 / yr
Posted: 2 days ago

Market check

Salary context

Below market

How this pay compares to similar roles

[Chart: this role at $123k and similar roles at $176k, on a scale from $79k to $235k, with a shaded band marking where most similar roles pay]

This role pays less than 93% of similar roles. Most pay $147,375–$205,375 — the shaded band above. At the midpoint, this role pays about $123k versus about $176k for comparable roles.

Based on 240 similar postings.

Employer

About Johnson & Johnson

Johnson & Johnson is a multinational corporation operating in three main segments: consumer health products, pharmaceuticals, and medical devices, known for brands like Tylenol, Band-Aid, and Janssen.

Industry: Pharmaceuticals & Medical Devices

Johnson & Johnson currently has 71 open roles on FindRole.

Listed pay typically runs $117,000–$201,250 across 68 roles with salary data.


At a glance

TL;DR · Lead Product Security Engineer

Join J&J Heart Recovery as a Product Security Analyst in the newly formed Product Security team, where you will play a pivotal role in ensuring security by design across medical devices. This senior-level position involves collaborating with engineering and cross-functional teams to implement and maintain robust cybersecurity practices throughout the product lifecycle. Your daily tasks include creating comprehensive documentation for pre-market activities, defining key management infrastructure, and managing post-market vulnerability assessments. You will also support compliance certifications such as SOC2 and ISO 27001, integrating new standards into the security program while balancing business needs with security objectives. Ideal candidates have a Bachelor’s degree in Computer Science or related field, at least four years of industry experience in Information Security, and knowledge of regulatory frameworks like HIPAA and GDPR. Proficiency in security risk management techniques is essential, as is the ability to work effectively in a regulated environment.

What you'll do

  • Partner with engineering teams to ensure adherence to J&J Heart Recovery's product security program.
  • Deliver pre-market development documentation including security plans and threat models.
  • Implement key management infrastructure for device identity and authentication.
  • Monitor post-market vulnerability management activities adhering to strict timelines.
  • Support compliance certification activities such as SOC2, FedRAMP, ISO 27001.
  • Integrate new compliance requirements and industry standards into the product security program.
  • Guide teams in balancing business needs with security objectives.

What we're looking for

  • 4+ years of industry experience in Information Security
  • Working knowledge of regulatory standards and compliance frameworks (e.g., NIST Cybersecurity Framework, ISO 27001)
  • Experience with security risk management techniques and tactics
  • Demonstrated ability to handle multiple assignments simultaneously and meet deadlines
  • Strong communication and interpersonal skills
  • Bachelor’s degree in Computer Science or related field
  • Experience working in a regulated environment (FDA-regulated preferred)
