Associate Director, Vulnerability Management

Summary

Join AbbVie's Information Security team as an Associate Director, Vulnerability Management! Lead and enhance our vulnerability management program, protecting on-premises, cloud, and third-party assets. Manage a high-performing team, mentor members, and foster career growth. Oversee vulnerability and configuration management tools. Develop and implement key performance metrics to assess program health and remediation effectiveness. Maintain awareness of critical vulnerabilities and emerging threats. Build relationships with stakeholders to drive remediation. Contribute to the team's external exposure methodology. Communicate technical concepts to various stakeholders. Create and improve vulnerability management reports and metrics. Identify tool, standard, and process enhancements; contribute to policies and procedures, and the Attack Surface Management program strategy.

Requirements

• Bachelors Degree and 9 years experience OR Masters Degree and 8 years experience OR PhD and 4 years experience
• A proven track record of at least several years within information security roles, including at least three years managing teams focused on vulnerability management
• Demonstrated experience in leading vulnerability remediation efforts, showcasing the ability to drive initiatives that significantly reduce the time to remediate, especially for critical risks
• Advanced understanding of vulnerability management strategies, standards, procedures, and technologies across infrastructure- and application-level vulnerabilities
• Solid understanding of cloud-based hosting platforms, with background on security threats deriving from Azure and AWS and GCP hosted services being preferred
• Experience with data analytics with large datasets
• Experience in reporting metrics and key performance indicators to senior leadership
• Excellent written and verbal communication and listening skills, with the ability to effectively convey technical insights to technical and non-technical stakeholders

Responsibilities

• Manage and mature a comprehensive vulnerability management program, protecting on-premises, cloud, and third-party assets
• Lead a high-performing Vulnerability Management team, mentoring and developing team members to ensure high performance as well as fostering an environment conducive to career growth
• Oversee the configuration and management of key vulnerability and configuration management tools across AbbVie’s on-premises and cloud environments
• Develop and implement key performance metrics to accurately assess the overall health of AbbVie’s Vulnerability Management program and the effectiveness of identification and remediation efforts, and responding to deviations from expected outcomes
• Maintain awareness of critical vulnerabilities or emerging threats that may impact AbbVie, and maintaining processes to ensure the effective management of those threats
• Building relationships with key stakeholders across the enterprise, with the goal of driving vulnerability remediation and reducing the time it takes to remediate, especially for critical risks
• Manage and contribute to the Vulnerability Management team’s external exposure methodology, including the identification, assessment, and communication of externally-facing threats to the organization
• Communicating technical security concepts to customers, including engineers, architects, and managers to help our business units understand risk and remediation strategies
• Creating, modifying, and maturing vulnerability management reports and metrics to drive remediation of vulnerabilities throughout the AbbVie environment
• Identify enhancements to tools, standards and processes; provide input into policies and procedures, and contribute to the implementation and refinement of the strategy for the Attack Surface Management program on a global basis

Preferred Qualifications

Solid understanding of cloud-based hosting platforms, with background on security threats deriving from Azure and AWS and GCP hosted services being preferred

Benefits

• Paid time off (vacation, holidays, sick)
• Medical/dental/vision insurance
• 401(k)
• Short-term incentive programs
• Long-term incentive programs