Profiles search
Justin Bovee
Information Security & Risk Management
Los Angeles, CA, United States
Details
Experience:
Developed a Data Protection Strategy for global J&J that outlines the tactics needed to identify and catalog both structured and unstructured data assets, as well as determine where and how data assets can be used within the global regulatory frameworks those assets are governed by. Implementing a multi-year plan based on the strategy and tactics.
Implemented the HITRUST framework for J&J globally as a strategic path toward proving security and privacy maturity to customers, regulators, and business partners. Working with IT to implement a layered approach to HITRUST that allows platform and project teams to leverage existing self and third party assessment to reduce work on their own certification efforts.
Designed, implemented, and run the global J&J PCI security and compliance program for 28 individual merchant companies across nine countries.
Lead adherence to the HIPAA security rule for J&J Covered Entities and Business Associates.
2016 : Present
Johnson & Johnson
Sr. Manager, Information Security & Risk Management
Information Security Officer (ISO) for Janssen Commercial Pharmaceuticals North America and head of Digital Risk Assurance for Janssen worldwide.
2013 : 2015
Janssen Pharmaceutical Companies of Johnson & Johnson
Sr. Manager, IT Risk Assurance
Information Security Risk Management SME to the global pharmaceuticals business. Interpret policy and regulation, advise on risk identification, mitigation, and acceptance. Assess business unit security programs and work product.
Also lead digital asset risk management activities for the entire enterprise, ensuring J&J public facing digital properties (websites, mobile apps) comply with applicable regulatory and policy requirements, and are built using best security practices.
2008 : 2013
Johnson & Johnson
Manager, Worldwide Information Security
Lead collaboration with the member companies and vendor partners to initiate new enhancements for the PKI, and address regulatory issues that will impact the infrastructure and member companies.
2008 : 2011
SAFE-BioPharma Association
Chair, Technology Working Group
Promoted to manage Information Security and Compliance for Pharmaceutical Research & Development in California and quickly awarded added accountability for Governance and Operations. Oversaw major IT functions including : security risk assessment, incident response, security policy creation and enforcement, business continuity planning, disaster recovery, Sarbanes Oxley, Safe Harbor, application support, and business planning for a $23MM budget. Managed and mentored a team of four professionals. Served as a member of the IT Senior Leadership Team.
2005 : 2008
ALZA Corporation (Johnson & Johnson)
Manager, Information Technology
Implemented the HITRUST framework for J&J globally as a strategic path toward proving security and privacy maturity to customers, regulators, and business partners. Working with IT to implement a layered approach to HITRUST that allows platform and project teams to leverage existing self and third party assessment to reduce work on their own certification efforts.
Designed, implemented, and run the global J&J PCI security and compliance program for 28 individual merchant companies across nine countries.
Lead adherence to the HIPAA security rule for J&J Covered Entities and Business Associates.
2016 : Present
Johnson & Johnson
Sr. Manager, Information Security & Risk Management
Information Security Officer (ISO) for Janssen Commercial Pharmaceuticals North America and head of Digital Risk Assurance for Janssen worldwide.
2013 : 2015
Janssen Pharmaceutical Companies of Johnson & Johnson
Sr. Manager, IT Risk Assurance
Information Security Risk Management SME to the global pharmaceuticals business. Interpret policy and regulation, advise on risk identification, mitigation, and acceptance. Assess business unit security programs and work product.
Also lead digital asset risk management activities for the entire enterprise, ensuring J&J public facing digital properties (websites, mobile apps) comply with applicable regulatory and policy requirements, and are built using best security practices.
2008 : 2013
Johnson & Johnson
Manager, Worldwide Information Security
Lead collaboration with the member companies and vendor partners to initiate new enhancements for the PKI, and address regulatory issues that will impact the infrastructure and member companies.
2008 : 2011
SAFE-BioPharma Association
Chair, Technology Working Group
Promoted to manage Information Security and Compliance for Pharmaceutical Research & Development in California and quickly awarded added accountability for Governance and Operations. Oversaw major IT functions including : security risk assessment, incident response, security policy creation and enforcement, business continuity planning, disaster recovery, Sarbanes Oxley, Safe Harbor, application support, and business planning for a $23MM budget. Managed and mentored a team of four professionals. Served as a member of the IT Senior Leadership Team.
2005 : 2008
ALZA Corporation (Johnson & Johnson)
Manager, Information Technology
Company:
Johnson & Johnson
About
Specialties: Certified Information Systems Security Professional - CISSP
HealthCare Information Security & Privacy Practitioner - HCISPP
Information Systems Security Management Professional - ISSMP
PCI SSC Internal Security Assessor - PCI ISA
HITRUST Certified CSF Practitioner - CCSF
Information Security, IT Compliance, IT Governance, privacy, HIPAA Security, HITRUST, GDPR, Safe Harbor, CobiT, disaster recovery, business continuity planning, business planning, policy creation, risk assessment, incident response, Data Loss Prevention (DLP), Payment Card Industry Professional (PCIP)
Profile Photo
