Security Engineer

About AbbVie

AbbVie’s mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.

Job Summary

Come to work each day with an inclusive and collaborative Business technology team! As a Security Engineer in AbbVie Business Technology Solutions (BTS), you’ll have opportunities to contribute to the digital transformation of a leading biopharma company, helping to create solutions that impact patients and their communities for the better.

As a member of the Information Security Risk Management architecture team, the Security Engineer plays a crucial role in shaping and guiding the organization's security strategy, architecture, and practices, with a focus on security posture and hygiene.

Key Responsibilities

• Design, develop, and implement security controls and solutions that enhance AbbVie’s security hygiene. Ensure that security measures are effectively integrated into IT systems and applications.
• Collaborate with IT, network, and other relevant departments to align security measures with organizational goals and compliance requirements.
• Partner with platform and application teams to establish clear security baseline requirements, following the Center for Internet Security Critical Security Controls known as ‘CIS 18’. The partnership ensures that security best practices are integrated into the development and deployment processes.
• Utilize existing enterprise tools dedicated to vulnerability management, asset inventory, and cyber hygiene to ensure that all assets meet established security baseline requirements.
• Develop custom integrations using APIs or other scripting tools for high-risk applications to enable proactive monitoring of critical security controls.
• Lead posture and hygiene efforts to effectively drive and complete initiatives successfully. The leadership role involves coordinating resources, setting clear objectives, and ensuring sustained focus on enhancing the organization’s security posture.
• Manage documentation such as baselines, Standard Operating Procedures (SOPs), policies, and work instructions in accordance with AbbVie requirements. This responsibility includes ensuring the documents are accurate, up-to-date, and aligned with organizational standards.

Qualifications

• Bachelor’s degree in relevant field and at least 5 years relevant experience OR Master’s degree in relevant field and at least 4 years’ experience.
• Possess a deep understanding of the Center for Internet Security’s Critical Security Controls, specifically the CIS 18 framework.
• Strong working knowledge in configuring common operating systems, including Windows Servers, Windows Desktops, and RedHat Linux, among others.
• Proficient in scripting languages, including Python, Bash, and/or PowerShell.
• Excellent written and oral communication skills.
• Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions.
• Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization.
• Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development lifecycle.

Key skills/competency

• Security Architecture
• Cyber Hygiene
• Vulnerability Management
• CIS 18 Framework
• Scripting (Python, Bash, PowerShell)
• Security Controls
• IT Systems Integration
• Risk Management
• Operating Systems Configuration
• Compliance (GxP, Data Security)