AbbVie logo

Application & Platform Security Architect

AbbVie
June 26, 2026
Remote friendly (Atlanta, GA)
United States
$141,500 - $268,500 USD yearly
IT
Responsibilities:
- Define reusable security architecture patterns/guardrails for high-risk applications.
- Drive secure-by-design across the software architecture lifecycle; influence enterprise architecture.
- Advocate for risk-based controls in design authority boards/technical reviews.
- Partner with IT/application teams to define application controls aligned to enterprise standards.
- Create application-specific security control architectures and implementation guidance.
- Support security strategy enforcement and address infrastructure/application risks.
- Liaise with IT delivery/engineering to embed security principles in delivery and architecture reviews.
- Support security for business/IT initiatives across architecture, design, implementation, deployment, and operational transition.
- Research/evaluate/test/recommend new or updated security technologies; assess threats and remediation.
- Foster security culture via education and effective processes.
- Ensure compliance with relevant policies (incl. GxP, data security, SDLC).
- Lead application threat modeling and propose design changes to mitigate risks.

Required Qualifications:
- Bachelorโ€™s + 9 yrs OR Masterโ€™s + 8 yrs OR PhD + 4 yrs in info security/related (IT Audit, Risk Mgmt, Security Architecture).
- Strong ability to assess/communicate with business and IT stakeholders.
- In-depth SDLC knowledge; strong application security (OWASP Top 10, SANS/CWE Top 25, secure coding).
- Expertise in session management, tokens, authentication (OAuth, SAML, OpenID Connect); crypto/encryption/PKI.
- Docker/Kubernetes and cloud (AWS, Azure, GCP); DevSecOps/CI/CD security.
- Security testing/scanning tools (e.g., SonarQube/Veracode, Burp Suite/Nessus).
- Cloud risk mgmt and security areas (IAM, network security, auditing, secrets, data protection).
- Identity security (least privilege, separation of duties, Zero Trust); federation/encryption standards.
- Security architecture documentation/planning (strategic/tactical/project).
- Significant SOX & HIPAA (ITGC) via audit/remediation/validation.
- Knowledge of ISO/NIST frameworks; strong influencing/communication and cross-functional collaboration.

Preferred:
- CISSP (preferred, not required).
- Plus knowledge of identity management/federated identity, incident management, access control, vulnerability testing, PKI, Windows/Unix-Linux, public cloud services.

Benefits:
- Paid time off; medical/dental/vision insurance; 401(k).
- Eligible for long-term incentive programs.