Sr. Director, Security & Defense, Orthopedics
Listed on 2026-07-04
-
IT/Tech
Cybersecurity
Sr. Director, Security & Defense
Johnson & Johnson announced plans to separate our Orthopaedics business to establish a standalone Orthopaedics company, operating as DePuy Synthes. The process of the planned separation is anticipated to be completed within 18 to 24 months, subject to legal requirements, including consultation with works councils and other employee representative bodies, as may be required, regulatory approvals and other customary conditions and approvals.
Should you accept this position, it is anticipated that, following conclusion of the transaction, you would be an employee of DePuy Synthes, and your employment would be governed by DePuy Synthes employment processes, programs, policies, and benefit plans. In that case, details of any planned changes would be provided to you by DePuy Synthes at an appropriate time and subject to any necessary consultation processes.
DePuy Synthes is a global leader in Orthopaedics, advancing patient care through innovative solutions across joint reconstruction, trauma, spine, sports medicine, and related surgical technologies. As DePuy Synthes separates from Johnson & Johnson to become the world's largest, most comprehensive Orthopaedics-focused company, the organization is entering a defining chapter—establishing its own corporate identity, voice, culture, and reputation while continuing to serve patients, customers, and healthcare systems around the world.
JobOverview
The Sr. Director, Security & Defense is a senior technology leadership role responsible for setting and executing the cybersecurity and information protection strategy for DePuy Synthes. This leader plays a critical role in safeguarding enterprise systems, data, products, and operations while enabling business growth and digital innovation. The position partners closely with executive leadership, IT, Legal, Privacy, and business stakeholders to ensure a resilient, compliant, and risk‑aware security posture across the organization and reports into the DePuy Synthes Technology organization.
Key Responsibilities- Define and lead the enterprise security and cyber defense strategy aligned to business priorities and regulatory requirements.
- Oversee cybersecurity operations, including threat detection, incident response, vulnerability management, and security monitoring.
- Build and maintain a program focused on monitoring and responding to insider threats while supporting legal and employee relations as required.
- Establish and maintain security governance, policies, standards, and risk management frameworks across the organization.
- Lead and develop high‑performing security teams and external partners, fostering a strong culture of accountability and continuous improvement.
- Provide executive‑level reporting on security posture, risks, incidents, and remediation progress.
- Ensure compliance with global cybersecurity, data protection, and industry regulations relevant to medical technology and healthcare environments.
- Support M&A, separation, and transformation initiatives by assessing and mitigating cybersecurity risks.
Education
- Bachelor's degree required, preferably in Information Technology, Computer Science, Engineering, or a related field.
- Master's degree or MBA preferred.
Experience and Skills
Required:
- 12-14 years of experience in cybersecurity, information security, or technology risk management, including senior leadership roles.
- Demonstrated experience leading enterprise‑wide security programs in complex, regulated environments.
- Strong knowledge of cyber defense, incident response, identity and access management, cloud security, and risk frameworks.
- Experience leading and developing global or cross‑functional teams.
Preferred:
- Experience supporting healthcare, life sciences, or medical device organizations.
- Proven ability to influence executive stakeholders and translate technical risk into business impact.
- Experience with large‑scale technology transformations or corporate separations.
- Familiarity with global regulatory and compliance standards (e.g., ISO, NIST, GDPR, HIPAA).
- Strong change leadership and strategic planning capabilities.
Other:
- Travel:
Up to 20%, primarily domestic with…
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).