Cybersecurity Lead

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at https://www.jnj.com

Technology Enterprise Strategy & Security

Security & Controls

Scientific/Technology

São José dos Campos, São Paulo, Brazil, São Paulo, Brazil

We are seeking an experienced and highly skilled Technology Lead to join our Information Security & Risk Management Email Security Engineering Team. The ideal candidate will have a deep understanding of email security protocols, best practices, threat detection & mitigation strategies. You will be responsible for protecting our email infrastructure from Cyber Threats, analyzing security data, and providing actionable insights to improve our security posture.

• Proactive Defense: Implement and manage robust email security solutions, including anti-phishing, anti-spam, anti-malware, and anti-virus measures to proactively safeguard the organization from email-borne threats

• Threat Intelligence & Response:

  • Monitor, analyze, and rapidly respond to email security incidents (e.g., phishing attacks, BEC, spam, malware) to minimize impact and mitigate risk

  • Conduct in-depth analysis of security incidents and emerging trends to identify anomalies, patterns, and actionable insights for both technical and non-technical stakeholders

• Data-Driven Insights: Generate and maintain comprehensive reports on email security metrics and trends to inform strategic decision-making and continuous improvement

• Security Awareness: Develop and deliver engaging training materials and sessions to educate staff on email security best practices, emerging threats, and the proper use of security solutions

• Continuous Improvement:

  • Conduct regular email security posture assessments to identify areas for enhancement and optimize existing security controls

  • Manage and optimize email security tools to ensure efficient performance, enhance threat detection capabilities, and improve response times

• Cross-Functional Collaboration: Work closely with IT, cybersecurity, and other business units to integrate email security measures across the organization, ensuring seamless and secure communication

• Automation & Efficiency: Identify and implement automation opportunities to streamline repetitive tasks and enhance operational efficiency

• Bachelor’s degree in computer science, Information Security, or a related field (or equivalent work experience)

• 5+ years of experience in a Senior Analyst or Technology Lead role with a focus on email security

• 2+ years of experience with data analytics

• Familiarity with SIEM platforms, DLP tools, and incident response procedures

• Hands‑on experience with vulnerability management and threat hunting within email systems

• Proficient in email security platforms (e.g., Cisco Secure Email, Microsoft Defender for Office 365, Proofpoint, Mimecast)

• Strong knowledge of email security technologies, including SPF, DKIM, DMARC, and email encryption protocols

• Experience with scripting and automation (e.g., Python, PowerShell, KQL)

• Experienced with the Microsoft 365 cloud email platform

• Excellent problem-solving and critical thinking skills

• Strong written and verbal communication skills for effective collaboration with cross-functional teams and stakeholders

• Ability to analyze complex data, identify trends, and present findings to leadership in a clear and concise manner

• Communication

• Corrective and Preventive Action (CAPA)

• Critical Thinking

• Information Security Auditing

• Information Security Management System (ISMS)

• Information Technology (IT) Security Assessments

• Information Technology Strategies

• Mentorship

• Network Optimization

• Presentation Design

• Process Optimization

• Report Writing

• Security Policies

• Technical Credibility

• Technologically Savvy

• Training People

• Vulnerability Assessments

• Communication

• Corrective and Preventive Action (CAPA)

• Critical Thinking

• Information Security Auditing

• Information Security Management System (ISMS)

• Information Technology (IT) Security Assessments

• Information Technology Strategies

• Mentorship

• Network Optimization

• Presentation Design

• Process Optimization

• Report Writing

• Security Policies

• Technical Credibility

• Technologically Savvy

• Training People

• Vulnerability Assessments