Cyber Resilience and Ransomware Readiness Lead

Come work at the forefront of science - and help the brands you grew up with grow and evolve into the next generation.

Job Description - Cyber Resilience and Ransomware Readiness Lead (2407029242W)

Cyber Resilience and Ransomware Readiness Lead

This position reports to Senior Manager, Ransomware Response and Resiliency and is based at Brazil.

Who we are

At Kenvue, we realize the extraordinary power of everyday care. Built on over a century of heritage and rooted in science, we’re the house of iconic brands - including Neutrogena, Aveeno, Tylenol, Listerine, Johnson’s and BAND-AID Brand Adhesive Bandages that you already know and love. Science is our passion; care is our talent. Our global team is made up of ~ 22,000 diverse and brilliant people, passionate about insights, innovation and committed to delivering the best products to our customers. With expertise and empathy, being a Kenvuer means having the power to impact the life of millions of people every day. We put people first, care fiercely, earn trust with science and solve with courage – and have brilliant opportunities waiting for you! Join us in shaping our future–and yours.

Travel %: 10

What you will do

The Cyber Resilience and Ransomware Readiness Lead is responsible for designing, planning and facilitating our tabletop exercise program, performing IT business continuity assessments, designing IT business continuity plans, and exercising business continuity plans against critical assets within our environment and their dependencies. We will rely on you to work collaboratively across all business functions globally to identify critical assets, identify workarounds, and build & test business continuity plans for Information Technology (IT) and Operating Technology (OT) systems.

Key Responsibilities

1. Ensure our business is resilient, ready, and able to respond and recover in the event of a successful ransomware attack.
2. Design, develop and facilitate tabletop exercises. Publish a yearly schedule of tabletop exercises identifying business processes, supporting IT applications, and business continuity plans to be tested. At the conclusion of the tabletop exercises, publish and track the implementation of the improvement actions identified.
3. Lead training and awareness, running drills, technical tests, and table-top exercises, and dissemination of after-action reports.
4. Define and lead the implementation of the IT business impact assessment/IT Business Continuity frameworks and processes to ensure the Company’s most critical assets are identified.
5. Drive adoption of backup and disaster recovery technologies.
6. Shape company policy and align to business goals, risk appetite and the changing external legal and regulatory environment.
7. Collaborate with owners of processes for risk visibility, accountability, and governance.
8. Partner with Operational Risk Management teams to develop end to end business continuity and IT/OT DR plans.
9. Develop and maintain strong relationships with vendors and strategic external partners.
10. Actively engage with and shape industry trends in cybersecurity capabilities and best practices.
11. Deliver high quality work outcomes and customer service in a high-pressure, fast-paced setting to meet company needs.
12. Develop and produce relevant analytical reports and program metrics to measure outcomes.
13. Identify and implement opportunities for process improvements.
14. Maintain Standard Operating Procedures for the management of business impact assessments and business continuity plans for IT systems.

What we are looking for

Required Qualifications

1. Minimum of 3 years’ experience in information security, business continuity, cybersecurity, security risk management, IT audit, or a closely related field is required.
2. A bachelor’s or advanced degree in Business, IT, Computer Science, or a demonstrable track-record of successful experiences in an equivalent role is preferred.
3. Business Continuity Planning experience is required.
4. Experience deploying or developing business continuity tools is required.
5. Experience developing and facilitating business continuity exercises of varying complexity (focused IT exercise to executive leadership exercises) is required.
6. Broad-based understanding of the current threat landscape and trends, especially in ransomware and extortion.
7. Broad-based understanding of securing and defending enterprise IT and Operational Technologies, especially in ransomware-resilient backup and recovery.
8. Strong leadership presence, influencing, collaboration, communication information-sharing and organizational skills.
9. Proven track record of innovation and continuous improvement.
10. Ability to collaborate with internal business partners and external vendors is required.
11. Good organization, planning, and time management skills are required.
12. Demonstrated ability to handle complexity and handle/prioritize multiple tasks is required.
13. Process orientation skills are required.
14. Excellent written and verbal skills are required.

Desired Qualifications

1. 8-10 years+ broader industry experience preferred.

What’s in it for you

1. Annual base salary. This takes into account a number of factors including work location, the candidate’s skills, experience, education level & other job-related factors.
2. Paid Company Holidays, Paid Vacation, Volunteer Time & More!
3. Learning & Development Opportunities.
4. Employee Resource Groups.
5. This list could vary based on location/region.

*Note: Total Rewards at Kenvue include salary, bonus (if applicable) and benefits. Your Talent Access Partner will be able to share more about our total rewards offerings and the specific salary range for the relevant location(s) during the recruitment & hiring process.

Kenvue is proud to be an Equal Opportunity Employer. All qualified applicants will receive consideration for employment based on business needs, job requirements, and individual qualifications, without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, protected veteran status, or any other legally protected characteristic, and will not be discriminated against on the basis of disability.

Primary Location

Kenvue is an Affirmative Action and Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, or protected veteran status and will not be discriminated against on the basis of disability.