Director, 3rd Party RM. Program (BPO)

Johnson & Johnson•West Chester, PA

10d•Hybrid

About The Position

At Johnson & Johnson, we believe health is everything. Our strength in healthcare innovation empowers us to build a world where complex diseases are prevented, treated, and cured, where treatments are smarter and less invasive, and solutions are personal. Through our expertise in Innovative Medicine and MedTech, we are uniquely positioned to innovate across the full spectrum of healthcare solutions today to deliver the breakthroughs of tomorrow, and profoundly impact health for humanity. Learn more at jnj.com As guided by Our Credo, Johnson & Johnson is responsible to our employees who work with us throughout the world. We provide an inclusive work environment where each person is considered as an individual. At Johnson & Johnson, we respect the diversity and dignity of our employees and recognize their merit. The Director, Third-Party Risk Management Program provides strategic leadership and enablement of an effective enterprise-wide third-party risk management (TPRM) program, with a focus on mitigating anti-bribery/anti-corruption risks (e.g., Foreign Corrupt Practices Act and similar laws) in third-party intermediary engagements. Serving as the Business Process Owner (BPO) for TPRM, this individual works closely with stakeholders across Compliance, Legal, Information Technology (IT), Procurement, and other functions to define program requirements, implement enabling technology solutions, and continuously improve global processes and tools. This role requires a forward-looking leader who can champion an ethical business culture and foster organizational change. The Director will model integrity, empower cross-functional collaboration, and ensure that managing third-party compliance risk becomes an integral, ongoing part of the company’s business processes. By balancing thorough risk controls with business enablement, the Director of TPRM helps protect the company’s reputation and ensure sustainable growth in a complex global environment. This role reports to the Senior Director HCC Risk Mgmt Strategy & Enablement.

Requirements

Bachelor’s degree in Law, Business, Compliance, Finance, Healthcare Administration, or a related field.
10–12+ years of progressive experience in healthcare compliance, legal, risk management, audit, or related fields.
Strong knowledge of healthcare compliance laws, regulations, and enforcement practices.
Proven ability to influence senior leaders and drive compliant decision‑making in highly regulated environments.
Demonstrated experience in the development and implementation of processes and systems to support risk management programs.
Strong analytical skills, sound judgment, and effective decision‑making and problem‑solving capabilities.
Excellent written and verbal communication skills, with the ability to communicate complex compliance topics clearly.
Strong change management and stakeholder engagement skills are key to successfully embedding the TPRM program into an organization’s operations and continuously improving it over time.
Fluency in English required.

Nice To Haves

Advanced degree or professional certification (e.g., Compliance, Legal, Risk, or Ethics‑related).
Experience in medical devices, pharmaceuticals, or broader life sciences industries.
Experience operating in highly matrixed, multicultural organizations.
Compliance, legal, or ethics certifications preferred but not required.

Responsibilities

Provide strategic direction and governance for the global TPRM program as the BPO, establishing policies, procedures, and oversight structures to manage third-party intermediary risks enterprise-wide.
Set global standards and drive consistency across all regions while accommodating local regulatory requirements.
Develop and maintain a risk-based segmentation and assessment framework for third parties, ensuring each intermediary is categorized by risk level (e.g. by country corruption index, service type, HCP/HCO interactions) to ensure third parties receive appropriate due diligence and oversight.
Oversee robust pre-engagement due diligence processes (e.g. background checks, sanctions screenings, reputation reviews) to identify potential anti-corruption red flags or compliance issues before onboarding new third-party intermediaries.
Ensure due diligence depth is commensurate with the third party’s risk profile.
Partner with Legal in providing contractual safeguards (e.g., Compliance clauses, audit rights, etc.).
Partner with IT and digital teams to define requirements and implement technology solutions (e.g., third-party lifecycle management platforms, due diligence tools, automated workflow systems) that increase efficiency and effectiveness of TPRM processes.
Continuously evaluate new tools (e.g., risk intelligence databases, automation, data analytics platforms) and drive enhancements to keep the program current with best practices and evolving risks.
Drive development of data analytics and reporting capabilities to continuously measure and improve the TPRM program.

Benefits

Employees are eligible to participate in the Company’s consolidated retirement plan (pension) and savings plan (401(k)).
This position is eligible to participate in the Company’s long-term incentive program.
Vacation –120 hours per calendar year
Sick time - 40 hours per calendar year; for employees who reside in the State of Colorado –48 hours per calendar year; for employees who reside in the State of Washington –56 hours per calendar year
Holiday pay, including Floating Holidays –13 days per calendar year
Work, Personal and Family Time - up to 40 hours per calendar year
Parental Leave – 480 hours within one year of the birth/adoption/foster care of a child
Bereavement Leave – 240 hours for an immediate family member: 40 hours for an extended family member per calendar year
Caregiver Leave – 80 hours in a 52-week rolling period
Volunteer Leave – 32 hours per calendar year
Military Spouse Time-Off – 80 hours per calendar year