Principal, Database Security Engineering

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com.

As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit.

Job Function

Technology Enterprise Strategy & Security

Job Sub Function

Security & Controls

Job Category

Scientific/Technology

All Job Posting Locations:

São José dos Campos, São Paulo, Brazil, São Paulo, Brazil, Warsaw, Masovian, Poland

Job Description

We are searching for the best talent for Principal, Database Security Engineering.

Role Objective

Establish and operate a dedicated L3 Support function for Database Activity Monitoring (DAM) to strengthen data security, regulatory compliance, and incident response. This role brings hands-on expertise in IBM Guardium (or equivalent DAM), cloud and containerized environments, CI/CD, and database security operations to proactively protect, monitor, and audit critical data assets, with a focus on Guardium Data Protection (GDP) maintenance and optimization—installing patches/releases, resolving L1/L2 critical issues, supporting UAT, tuning GDP policies to reduce false positives, aiding security incident response, and updating documentation. This will improve security posture, shorten remediation times, and ensure ongoing compliance.

Key Responsibilities

• Install patches and new GDP releases on servers and agents
• Fix and resolve production issues advanced by L1/L2
• Support UAT tests
• Tune GDP policies to reduce false positives
• Assist security incident response
• Update and maintain documentation
  
  

Qualifications

• 7+ years in IT infrastructure and DBMS platform security risk management, vulnerability management/security configurations; relevant certifications (e.g., CISSP, GIAC, OSCP) preferred.
• Solid experience with SQL, database security hardening, CIS Benchmarks, cloud security solutions, Identity Management integrations, and threat modeling.
• Excellent collaborator of communication and executive reporting skills.
  
  

Nice-to-haves

• Experience with regulatory frameworks (NIST CSF, 800-53, ISO 27001, PCI-DSS, HIPAA).
• Prior experience conducting controlled exploitation simulations or red-team/blue-team exercises.
• Knowlegeable on AKS/EKS clusters, Docker containers, HELM Chart, XENA, Load balancers, TLS, and Network security.
  
  

Please note that this role is available across multiple countries and may be posted under different requisition numbers to comply with local requirements. While you are welcome to apply to any or all of the postings, we recommend focusing on the specific country(s) that align with your preferred location(s):

Sao Paulo, Sao Jose dos Campos | Brazil - Requisition Number: R-065396

• Warsaw | Poland - Requisition Number: R-065655
  
  

Required Skills

Cybersecurity, Database Administration, Data Security, Data Security Management, Microsoft SQL Server DBA

Preferred Skills

Business Process Design, Crisis Management, Critical Thinking, Information Security Auditing, Information Security Management System (ISMS), Information Technology (IT) Security Assessments, Information Technology Strategies, Mentorship, Organizing, Presentation Design, Process Optimization, Root Cause Analysis (RCA), Security Architecture Design, Security Policies, Technical Credibility, Vulnerability Management