Senior Security Engineer
Company Description
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.
Job Description
Come to work each day with an inclusive and collaborative technology team. As a Senior Security Engineer in AbbVie Business Technology Solutions (BTS), you will have opportunities to contribute to the digital transformation of a leading Biopharma company, helping to create solutions that impact patients and their communities for the better. This position can be based virtually anywhere in the U.S.
As a member of the Information Security Risk Management architecture team, the Senior Security Engineer plays a crucial role in shaping and guiding the organization's security strategy, architecture, and practices, with a focus on cyber posture and hygiene.
Responsibilities
Provide technical leadership, mentoring, and consultation with less experienced team members to improve overall cyber posture and hygiene program
Prioritize remediation efforts by ensuring a risk-based approach is followed when addressing discovered configuration drift
Develop scripts to leverage in-scope application APIs to extract cyber hygiene and posture to verify configuration settings
Create dashboards and alerts to inform key stakeholders of configuration drift and required remediation activities
Partner with engineers and key stakeholders to document CIS baselines based on internal requirements
Collaborate with internal cybersecurity teams to identify opportunities for incorporating systems in the cyber posture and hygiene program
Drive platform compliance to ensure on-prem and hosted assets are continuously monitored for configuration drift
Provide technical leadership, mentoring, and consultation with less experienced team members to improve overall cyber posture and hygiene program
Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development cycle
Qualifications
Bachelor’s Degree with 6 years’ experience; master’s degree with 5 years’ experience; PhD with 0 years’ experience in information security and/or related functions (IT Audit, Risk Management, or Security Architecture).
Strong understanding of current cybersecurity tool capabilities as it pertains to continuous monitoring for configuration drift, including tools such as Tenable, CrowdStrike, and Windows Defender.
Proficiency in using Splunk to effectively perform duties related to data analysis and security monitoring
Proven ability to leverage scripting languages, such as Python, Bash, and PowerShell, to interface with in-scope applications using available APIs.
Expert knowledge of operating systems, networking protocols, system administration, X as a service, applications, and security technologies.
Proficient understanding of cybersecurity frameworks, including the CIS Critical Security Controls (CIS 18), NIST CSF, and NIST 800-53.
Excellent written and oral communication skills
Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions
Professional cybersecurity and relevant industry certifications (CISSP, CEH, CompTIA Security+, CCSP, GSEC) are highly desirable
Highly autonomous and productive in performing activities, requiring only minimal direction from or interaction with manager
Additional Information
Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:
The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
This job is eligible to participate in our short-term incentive programs.
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:
https://www.abbvie.com/join-us/reasonable-accommodations.html
About the job
Apply for this position
Senior Security Engineer
Company Description
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.
Job Description
Come to work each day with an inclusive and collaborative technology team. As a Senior Security Engineer in AbbVie Business Technology Solutions (BTS), you will have opportunities to contribute to the digital transformation of a leading Biopharma company, helping to create solutions that impact patients and their communities for the better. This position can be based virtually anywhere in the U.S.
As a member of the Information Security Risk Management architecture team, the Senior Security Engineer plays a crucial role in shaping and guiding the organization's security strategy, architecture, and practices, with a focus on cyber posture and hygiene.
Responsibilities
Provide technical leadership, mentoring, and consultation with less experienced team members to improve overall cyber posture and hygiene program
Prioritize remediation efforts by ensuring a risk-based approach is followed when addressing discovered configuration drift
Develop scripts to leverage in-scope application APIs to extract cyber hygiene and posture to verify configuration settings
Create dashboards and alerts to inform key stakeholders of configuration drift and required remediation activities
Partner with engineers and key stakeholders to document CIS baselines based on internal requirements
Collaborate with internal cybersecurity teams to identify opportunities for incorporating systems in the cyber posture and hygiene program
Drive platform compliance to ensure on-prem and hosted assets are continuously monitored for configuration drift
Provide technical leadership, mentoring, and consultation with less experienced team members to improve overall cyber posture and hygiene program
Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development cycle
Qualifications
Bachelor’s Degree with 6 years’ experience; master’s degree with 5 years’ experience; PhD with 0 years’ experience in information security and/or related functions (IT Audit, Risk Management, or Security Architecture).
Strong understanding of current cybersecurity tool capabilities as it pertains to continuous monitoring for configuration drift, including tools such as Tenable, CrowdStrike, and Windows Defender.
Proficiency in using Splunk to effectively perform duties related to data analysis and security monitoring
Proven ability to leverage scripting languages, such as Python, Bash, and PowerShell, to interface with in-scope applications using available APIs.
Expert knowledge of operating systems, networking protocols, system administration, X as a service, applications, and security technologies.
Proficient understanding of cybersecurity frameworks, including the CIS Critical Security Controls (CIS 18), NIST CSF, and NIST 800-53.
Excellent written and oral communication skills
Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions
Professional cybersecurity and relevant industry certifications (CISSP, CEH, CompTIA Security+, CCSP, GSEC) are highly desirable
Highly autonomous and productive in performing activities, requiring only minimal direction from or interaction with manager
Additional Information
Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:
The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
This job is eligible to participate in our short-term incentive programs.
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:
https://www.abbvie.com/join-us/reasonable-accommodations.html