Security Engineer (Remote)

Role Summary

Security Engineer (Remote) responsible for shaping and guiding AbbVie's security strategy, architecture, and practices with a focus on security posture and hygiene within the Information Security Risk Management architecture team.

Responsibilities

• Design, develop, and implement security controls and solutions that enhance AbbVie‚Äôs security hygiene. Ensure that security measures are effectively integrated into IT systems and applications
• Collaborate with IT, network, and other relevant departments to align security measures with organizational goals and compliance requirements
• Partner with platform and application teams to establish clear security baseline requirements, following the Center for Internet Security Critical Security Controls known as ‚ÄòCIS 18‚Äô. The partnership ensures that security best practices are integrated into the development and deployment processes.
• Utilize existing enterprise tools dedicated to vulnerability management, asset inventory, and cyber hygiene to ensure that all assets meet established security baseline requirements
• Develop custom integrations using APIs or other scripting tools for high-risk applications to enable proactive monitoring of critical security controls
• Lead posture and hygiene efforts to effectively drive and complete initiatives successfully. The leadership role involves coordinating resources, setting clear objectives, and ensuring sustained focus on enhancing the organization‚Äôs security posture
• Manage documentation such as baselines, Standard Operating Procedures (SOPs), policies, and work instructions in accordance with AbbVie requirements. This responsibility includes ensuring the documents are accurate, up-to-date, and aligned with organizational standards

Qualifications

• Bachelor‚Äôs degree in relevant field and at least 5 years relevant experience OR Master‚Äôs degree in relevant field and at least 4 years‚Äô experience.
• Possess a deep understanding of the Center for Internet Security‚Äôs Critical Security Controls, specifically the CIS 18 framework.
• Strong working knowledge in configuring common operating systems, including Windows Servers, Windows Desktops, and RedHat Linux, among others.
• Proficient in scripting languages, including Python, Bash, and/or PowerShell.
• Excellent written and oral communication skills
• Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions.
• Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization.
• Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development lifecycle.

Skills

• Security architecture and risk management
• Vulnerability management and cyber hygiene
• Security controls design and implementation
• API integration and scripting
• Cross-functional collaboration and communication