Principal – Third Party Cyber Risk Assessment

Position: Principal – Third Party Cyber Risk Assessment Primary Location: Raritan, NJ (preferred). Also available internally in São José dos Campos, São Paulo, Brazil and Warsaw, Poland. Job Description Johnson & Johnson is recruiting a senior technical authority and thought leader for third‑party cyber risk assessments across its global ecosystem of vendors, SaaS providers, and strategic partners. The role is based in the United States with Raritan, NJ preferred, but is also open to our ISRM Service Centers in Brazil and Poland. Key Responsibilities Perform and lead third-party risk assessments, risk rankings, and collaboration on remediation strategies. Conduct deep technical reviews of third‑party security controls, evidence artifacts, attestations, and independent reports. Evaluate complex risk scenarios involving sensitive data types, regulatory obligations, complex architectures, and cross‑border data flows. Identify, document, and risk‑rate third‑party cyber issues, ensuring con...