Sr. Director, Security & Defense, Orthopedics

Job Overview

The Sr. Director, Security & Defense is a senior technology leadership role at DePuy Synthes responsible for setting and executing the cybersecurity and information protection strategy. The role safeguards enterprise systems, data, products, and operations, enabling business growth and digital innovation while reporting to the DePuy Synthes Technology organization.

• Define and lead the enterprise security and cyber defense strategy aligned to business priorities and regulatory requirements.
• Oversee cybersecurity operations, including threat detection, incident response, vulnerability management, and security monitoring.
• Build and maintain a program focused on monitoring and responding to insider threats while supporting legal and employee relations as required.
• Establish and maintain security governance, policies, standards, and risk management frameworks across the organization.
• Lead and develop high‑performing security teams and external partners, fostering a strong culture of accountability and continuous improvement.
• Provide executive‑level reporting on security posture, risks, incidents, and remediation progress.
• Ensure compliance with global cybersecurity, data protection, and industry regulations relevant to medical technology and healthcare environments.
• Support M&A, separation, and transformation initiatives by assessing and mitigating cybersecurity risks.

• Bachelor’s degree required, preferably in Information Technology, Computer Science, Engineering, or a related field.
• Master’s degree or MBA preferred.

• 12-14 years of experience in cybersecurity, information security, or technology risk management, including senior leadership roles.
• Demonstrated experience leading enterprise‑wide security programs in complex, regulated environments.
• Strong knowledge of cyber defense, incident response, identity and access management, cloud security, and risk frameworks.
• Experience leading and developing global or cross‑functional teams.
• Preferred:
  Experience supporting healthcare, life sciences, or medical device organizations; proven ability to influence executive stakeholders and translate technical risk into business impact; experience with large‑scale technology transformations or corporate separations; familiarity with global regulatory and compliance standards (ISO, NIST, GDPR, HIPAA); strong change leadership and strategic planning capabilities.

• Travel:
  Up to 20%, primarily domestic with occasional international travel.
• Certifications (preferred): CISSP, CISM, CRISC, or equivalent.
• Estimated base pay range: $178,000 – $307,050.
• Benefits included: vacation, sick time, holiday pay, personal and family time, parental leave, bereavement leave, caregiver leave, volunteer leave, military spouse time‑off; further details available on the company benefits website.

Johnson & Johnson is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status, or other characteristics protected by federal, state, or local law. We actively seek qualified candidates who are protected veterans and individuals with disabilities as defined under VEVRAA and Section 503 of the Rehabilitation Act.

Johnson & Johnson is committed to providing an interview process that is inclusive of applicant needs. Requests for accommodations may be made by contacting the Employee Health Support Center at ra- or through AskGS for accommodation resources.