Experienced Analyst - OT Cybersecurity Engineering

3d3 days ago

Johnson & Johnson

São Paulo, BR · Full-time · BRL 144,000 – BRL 216,000

About this role

Johnson & Johnson is recruiting an Experienced Analyst for Operational Technology Cybersecurity within the Information Security and Risk Management organization. The role supports global OT Security platforms, solutions, and services. It is based in São José dos Campos, Brazil or Warsaw, Poland.

As a team member you will lead engineering, deployment, integration, and tuning of OT security capabilities. Daily work includes collaborating with Vulnerability Management, Security Monitoring, and IT Network teams. You will also partner with the Supply Chain security group and Cyber Security Operations Center.

The position focuses on delivering defense-in-depth protections across IT/OT networks, controls, infrastructure, and applications. You will work within a global Technology Enterprise Strategy & Security function that values an inclusive environment and individual merit.

Johnson & Johnson’s mission of caring for the world one person at a time drives continuous innovation in healthcare security. The role offers the chance to advance OT threat detection and automation at enterprise scale.

Requirements

Experience supporting global OT Security platforms and solutions.
Familiarity with Cyber Kill Chain and MITRE ATT&CK frameworks.
Ability to generate threat behavior analytics for OT environments.
Experience implementing detection strategies from intelligence reporting.
Proficiency performing tuning, alert management, and device configuration tasks.
Strong collaboration skills across Vulnerability Management, CSOC, and network teams.

Responsibilities

Lead one or more global technologies in the OT Security Engineering team providing defense-in-depth capabilities for IT/OT networks and systems.
Drive integration and automation between different IT/OT technologies.
Support OT Cybersecurity workflows to assess risk, increase visibility, and reduce impact of vulnerabilities.
Test and validate security controls throughout the Cyber Kill Chain and MITRE ATT&CK framework.
Generate innovative threat behavior analytics for discovering historical and emerging threats to OT networks.
Implement detection strategies based on internal and external intelligence reporting and vulnerability research.
Perform administrative tasks for tuning, alerts, correlation rules, signatures, device configurations, patching, and upgrades.
Establish and maintain relationships with suppliers, vendors, and partners.