Senior Analyst, Operational Technology Cybersecurity Engineering

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at

Job Function
Technology Enterprise Strategy & Security

Job Sub Function
Security & Controls

Job Category
Scientific/Technology

All Job Posting Locations:
São José dos Campos, São Paulo, Brazil, Warsaw, Masovian, Poland

Job Description
Senior Analyst, Operational Technology Cybersecurity Engineering
Johnson & Johnson is currently recruiting for a Senior Analyst Operational Technology Cyber Security within the Information Security and Risk Management (ISRM) organization.

This position is based out
Warsaw, Poland
or
São José dos Campos, Brazil
.

Caring for the world, one person at a time, has inspired and united the people of Johnson & Johnson for over 135 years. We embrace research and science -- bringing innovative ideas, products, and services to advance the health and well-being of people.

At Johnson & Johnson, we believe good health is the foundation of vibrant lives, thriving communities, and forward progress. That is why for more than 135 years, we have aimed to keep people well at every age and every stage of life. Today, as the world's largest and most broadly-based healthcare company, we are committed to using our reach and size for good. We strive to improve access and affordability, create healthier communities, and put a healthy mind, body, and environment within reach of everyone, everywhere. Every day, our more than 130,000 employees across the world are blending heart, science, and ingenuity to profoundly change the trajectory of health for humanity.

Thriving on a diverse company culture, celebrating the uniqueness of our employees, and committed to inclusion, J&J is proud to be an equal opportunity employer.

As a member of the Operational Technology Cybersecurity Engineering team, you will contribute to the technical implementation and ongoing support of Tanium OT and related services. You will work closely with cybersecurity and infrastructure teams to ensure platform reliability, performance, and alignment with enterprise security goals. The role requires a hands-on approach to automation, integration, and operational support, with opportunities to lead technical initiatives within your domain.

This position will also partner with internal ISRM teams such as the Supply Chain security, Cyber Security Operations Center (CSOC), and other groups under the J&J Technology umbrella, including but not limited to End User, Server, and Network support.

Key Responsibilities

• Oversee the design and lifecycle management of Tanium OT and related services. In-depth experience in Patch, Deploy and Enforce modules
• Define and implement strategies for platform performance, security hardening, and automation.
• Validate data flows and integration points to maintain accuracy and compliance.
• Act as the technical authority for Tanium OT capabilities and provide guidance on best practices.
• Collaborate with security and infrastructure teams to ensure platform reliability and adherence to operational standards.
• Maintain validated documentation and ensure adherence to regulatory and change management processes. Drive integrations and automation between different OT technologies.
• Support Cybersecurity workflows, to assess risk, increase visibility and reduce impact of vulnerabilities across the OT environments.
• Test and validate security controls throughout the different phases of the Cyber Kill Chain, and the MITRE ATT&CK framework to prevent, detect, and respond.
• Generate innovative threat behavior analytics for discovering historical and emerging threats to networks and systems.
• Implement detection strategies based on internal and external intelligence reporting and vulnerability research.
• Perform administrative tasks associated with tuning, alerts, correlation rules, signatures, device configurations, patching, and upgrades.
• Establish and maintain relationships with the suppliers, vendors, and partners.
• Assists with security events/incidents, coordinating activities with the CSOC and others – as needed.

Qualifications
Education:

• A bachelor's degree or equivalent experience in the information security or information technology sector

Required
Experience and Skills

• Tanium Certified Administrator with extensive experience managing large-scale deployments. Strong understanding of Tanium SaaS architecture and operational workflows.
• Strong foundation in information security principles, with proven ability in debugging and root cause analysis in OT environments.
• Experience engineering, installing, configuring, and operating security solutions and appliances across large-scale, hybrid environments (AWS, Azure, GCP, on-prem).
• Ability to engineer, customize, and extend endpoint management and visibility platforms, including developing integrations, automation, and product-level enhancements.
• Familiarity with agile frameworks and DevSecOps practices, with the ability to deliver iteratively while maintaining reliability in high-risk environments.
• Proven track record leading complex implementations, demonstrating risk-aware problem solving and balancing security with operational continuity.
• Strong communication skills (written and verbal), able to translate technical details into clear guidance for both technical and non-technical stakeholders.
• Knowledge of security frameworks and standards (NIST CSF, CIS Controls, OWASP, SANS) and ability to apply them pragmatically in OT contexts.
• Working knowledge of the MITRE ATT&CK framework, including OT-specific TTPs, and ability to map telemetry to adversary behaviors.
• Experience collaborating with distributed, global teams, working effectively across diverse cultural and technical backgrounds.

Johnson & Johnson is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.

Required Skills
Preferred Skills:
Communication, Corrective and Preventive Action (CAPA), Critical Thinking, Information Security Auditing, Information Security Management System (ISMS), Information Technology (IT) Security Assessments, Information Technology Strategies, Mentorship, Network Optimization, Presentation Design, Process Optimization, Report Writing, Security Policies, Technical Credibility, Technologically Savvy, Training People, Vulnerability Assessments