Full-Time
ISRM Senior Analyst Product Cybersecurity
Posted on 11/1/2025
Johnson & Johnson
10,001+ employees
Global healthcare company offering pharma, devices.
No salary listed
Mumbai, Maharashtra, India
Remote
 IT & Security (1) |
|---|
- Bachelor’s degree or equivalent in Computer Science or similar engineering field
- Minimum 3+ years relevant experience, or equivalent combination of education/experience
- Must be experienced in Vulnerability Management, including scanning, remediation, stakeholder engagement, system administration and engineering
- Experience with SBOM creation/scanning automation
- Support cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level
- Support cyber defense trend analysis and reporting
- Support security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy using threat modeling
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings)
- Support risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change
- Provide input to the Risk Management Framework process activities and related documentation (e.g., system life-cycle support plans, concept of operations, operational procedures, and maintenance training materials)
- Support the creation of plans of action and breakthroughs or remediation plans are in place for vulnerabilities identified during risk assessments
- Applies ISRM product security policies and standards when performing all duties
- Anything a team member can do that contributes to improved systems reliability and availability is within scope
- Experienced in the following disciplines: APIs Security, Vulnerability Scan, compliance and threat detection, OWASP Top 10 API Security, Web App Security, AppSec, SAST, DAST, and SCA (Software composition analysis)
- Experience or good understanding of the different enterprise components to publish and use APIs (e.g., API Gateways (Apigee), Microservices, Cloud Components, Load Balancers, WAFs)
- Experience with API security testing, vulnerability scan and compliance reporting
- Experience with OWASP Top 10 for Web App & APIs
- Experience with Postman Collections, Swagger, OpenAPI, and other common formats for coordinating and functionally testing REST APIs
- Excellent analytical, written, and verbal communication skills – capable of explaining sophisticated requirements in simple words
- Any programming or integration experience in the past will be highly beneficial
- Healthcare medical equipment network integration management experience
- Cybersecurity management experience, preferably with medical devices
Johnson & Johnson operates in three main areas—pharmaceuticals, medical devices, and consumer health products—serving consumers, healthcare professionals, and institutions worldwide. It develops prescription medicines, sells surgical and vision care devices, and offers over-the-counter and personal care products, funded by direct sales, partnerships, and distribution agreements, with heavy investment in research and development. The company differentiates itself by combining three complementary businesses under one umbrella and maintaining a global footprint with an emphasis on science, innovation, and inclusive culture. Its goal is to help people live healthier lives by delivering reliable, high-quality healthcare products and solutions that improve patient outcomes.
Company Size
10,001+
Company Stage
IPO
Headquarters
New Brunswick, New Jersey
Founded
1886
Simplify's Take
What believers are saying
- Q1 2026 revenue hit $24.1 billion, up 9.9%, raising 2026 forecast to $100.8 billion.
- Nipocalimab gains FDA Priority Review for autoimmune hemolytic anemia and myasthenia gravis efficacy.
- Shockwave C2 Aero launches in US and Japan targeting 315 million calcified CAD patients.
What critics are saying
- Stelara sales plunge 60% to $656 million in Q1 2026 post-patent expiration, creating $2.3 billion hole.
- Icotyde stalls at 1,500 prescriptions, missing oncology targets by Q3 2026.
- CAPLYTA faces Invega Sustenna competition, achieving under 10% adoption by mid-2027.
What makes Johnson & Johnson unique
- J&J unites Innovative Medicine and MedTech under single brand since September 2023.
- DARZALEX and TREMFYA dominate oncology and immunology with $57 billion pharma sales in 2024.
- CARTO System leads electrophysiology for 30 years with AI-powered CARTOSOUND SONATA.
Help us improve and share your feedback! Did you find this helpful?
Benefits
Health Insurance
Dental Insurance
Vision Insurance
Life Insurance
Disability Insurance
401(k) Retirement Plan
401(k) Company Match
Paid Vacation
Paid Sick Leave
Paid Holidays
Remote Work Options
Performance Bonus
Company News
Johnson & Johnson's Spravato reported $468 million in first-quarter 2026 sales, up 46% year over year, signalling potential for psychedelics-focused companies like AtaiBeckley Inc., according to Jefferies analysts. The esketamine nasal spray, approved for treatment-resistant depression, is on track to reach an annualised run rate exceeding $1.9 billion. Jefferies maintained that Spravato could hit $3 billion in annual sales by 2027 and $5 billion at peak. Over 200,000 patients have been treated globally, up from 140,000 at the start of 2025. Analysts said Spravato's commercial success demonstrates psychedelics can succeed in mainstream healthcare, with existing treatment infrastructure potentially easing adoption of emerging therapies. They highlighted ATAI's intranasal candidate BPL-003 as fitting seamlessly into Spravato's treatment paradigm.
Johnson & Johnson reported 6.4% operational sales growth in Q1 2026, raising full-year guidance to $100.2 billion — the first time the company has reached the $100 billion milestone. The company reaffirmed expectations for double-digit revenue growth by decade's end. Innovative Medicine grew 7.4%, driven by 10 double-digit growing brands including DARZALEX and TREMFYA, despite a 61.7% decline in STELARA due to biosimilar competition. MedTech posted 4.6% growth, led by heart recovery and electrophysiology divisions. The company successfully launched ICOTYDE, the first oral IL-23 peptide for immunology. Management is progressing a $55 billion US manufacturing and R&D investment through 2029, with $12 billion already deployed. The planned separation of its DePuy Synthes Orthopaedics business targets mid-2027 completion.
Johnson & Johnson has launched VARIPULSE Pro in Europe following CE Mark approval, advancing its pulsed field ablation portfolio for treating atrial fibrillation. The system features a new pulse sequence that operates five times faster than its predecessor whilst maintaining equivalent lesion quality. VARIPULSE Pro integrates with the CARTO 3 mapping system and offers a lower temperature profile whilst preserving the platform's established safety and effectiveness profiles. The company is conducting the VARIPURE multicentre study to generate clinical evidence during the commercial launch phase. The technology addresses atrial fibrillation, the most common cardiac arrhythmia affecting over 50 million people worldwide. Johnson & Johnson will showcase VARIPULSE Pro at the European Heart Rhythm Association annual meeting, with 12-month interim study results to be presented. The device is not currently approved in the United States.
Johnson & Johnson has raised $120 million in a Series C round led by Ribbit Capital, valuing the company at $1.45 billion. Sequoia and Kleiner Perkins participated, with Emerson Collective joining as a new backer. The pre-revenue company is developing "Mathematical Superintelligence", an AI system focused on advanced reasoning that claims to eliminate hallucinations by requiring outputs in Lean4 programming language. Its flagship model, Aristotle, achieved top-level performance at the International Mathematical Olympiad in July. Founded in 2023, Harmonic has raised $295 million across three funding rounds in 14 months. The company currently offers Aristotle via a free API and plans to commercialise in safety-critical industries like aerospace and finance.
Nanobiotix has transferred full operational and financial responsibility for its NBTXR3 radioenhancer programme to Johnson & Johnson, with Phase III head-and-neck results expected in H1 2027 and Phase II lung cancer data anticipated in early 2027. The company is pivoting towards its Curadigm nanoprimer platform, filing four patents, starting GMP manufacturing and signing over 20 material transfer agreements with partners. Additional Curadigm data is expected before summer's end. An amended Janssen licence removing most Phase III funding obligations, combined with a royalty financing of up to $71 million, extends Nanobiotix's cash runway into early 2028. The company reported EUR 32.6 million revenue in 2025, reduced R&D spending to EUR 23.1 million, and EUR 52.8 million cash at year-end.