Senior Security Engineer

Summary

Join AbbVie's Business Technology Solutions (BTS) as a Senior Security Engineer and contribute to the digital transformation of this leading biopharma company. This role, based virtually anywhere in the U.S., involves shaping the organization's security strategy, architecture, and practices, focusing on cyber posture and hygiene. You will provide technical leadership and mentorship to team members, prioritize remediation efforts using a risk-based approach, and develop scripts to extract cyber hygiene and posture data. The position also includes creating dashboards and alerts, collaborating with internal teams, driving platform compliance, and ensuring adherence to corporate standards. This is an opportunity to make a significant impact on patient care while working with a collaborative and inclusive technology team.

Requirements

• Bachelor’s Degree with 6 years’ experience; master’s degree with 5 years’ experience; PhD with 0 years’ experience in information security and/or related functions (IT Audit, Risk Management, or Security Architecture)
• Strong understanding of current cybersecurity tool capabilities as it pertains to continuous monitoring for configuration drift, including tools such as Tenable, CrowdStrike, and Windows Defender
• Proficiency in using Splunk to effectively perform duties related to data analysis and security monitoring
• Proven ability to leverage scripting languages, such as Python, Bash, and PowerShell, to interface with in-scope applications using available APIs
• Expert knowledge of operating systems, networking protocols, system administration, X as a service, applications, and security technologies
• Proficient understanding of cybersecurity frameworks, including the CIS Critical Security Controls (CIS 18), NIST CSF, and NIST 800-53
• Excellent written and oral communication skills
• Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions
• Highly autonomous and productive in performing activities, requiring only minimal direction from or interaction with manager

Responsibilities

• Provide technical leadership, mentoring, and consultation with less experienced team members to improve overall cyber posture and hygiene program
• Prioritize remediation efforts by ensuring a risk-based approach is followed when addressing discovered configuration drift
• Develop scripts to leverage in-scope application APIs to extract cyber hygiene and posture to verify configuration settings
• Create dashboards and alerts to inform key stakeholders of configuration drift and required remediation activities
• Partner with engineers and key stakeholders to document CIS baselines based on internal requirements
• Collaborate with internal cybersecurity teams to identify opportunities for incorporating systems in the cyber posture and hygiene program
• Drive platform compliance to ensure on-prem and hosted assets are continuously monitored for configuration drift
• Provide technical leadership, mentoring, and consultation with less experienced team members to improve overall cyber posture and hygiene program
• Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development cycle

Preferred Qualifications

Professional cybersecurity and relevant industry certifications (CISSP, CEH, CompTIA Security+, CCSP, GSEC) are highly desirable

Benefits

• Paid time off (vacation, holidays, sick)
• Medical/dental/vision insurance
• 401(k)