Allergan Data Labs is hiring a
Staff Application Security Engineer

Summary

The job is for a Staff Application Security Engineer at Allergan Data Labs., a subsidiary of AbbVie. The role involves designing and implementing security solutions for cloud-based applications and infrastructure, collaborating with cross-functional teams to develop and implement effective security measures, and staying informed about cloud and application security regulations and standards.

Requirements

• Bachelor's degree in Computer Science, Information Technology, or a related field
• Solid understanding of application security concepts, secure coding practices, and common vulnerabilities (e.g., OWASP Top 10)
• Experience with security testing tools, such as static analysis, dynamic analysis, and penetration testing tools
• Strong knowledge of web application and network protocols (e.g., HTTP, HTTPS, TCP/IP, DNS)
• Familiarity with various programming languages (e.g., Java, C#, Python) and frameworks
• Proficiency in using security tools and technologies, such as SAST, DAST, IAST and WAF
• Knowledge of secure SDLC practices and methodologies
• Strong analytical and problem-solving skills, with the ability to think creatively to find innovative solutions to complex security challenges
• Excellent communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams

Responsibilities

• Design, implement, and manage the security solutions program for cloud-based applications and infrastructure
• Solve systematic problems for production security in a product, marketing and data science environment throughout the software development lifecycle
• Implement and maintain secure coding practices, identify vulnerabilities, and ensure the overall security of our applications
• Collaborate with and serve as an advisor to cross-functional teams to develop and implement effective security measures, conduct regular security assessments, and provide guidance on security best practices
• Design, establish and maintain secure standards for technology including but not limited to Networking, Serverless, Kubernetes, Access Management (IAM/Service Accounts), Secure CI/CD, Cloud Security and Application Security
• Partner with internal security teams to provide and solicit security guidance, drive adoption of security initiatives and transform them into actionable strategy
• Serve as a subject matter expert in providing security design guidance for complex systems

Preferred Qualifications

Relevant security certifications (e.g., CASE, CISSP, CSSLP, CEH) are a plus

Benefits

• Competitive salary
• Competitive annual bonus targets
• 401k with dollar for dollar match, up to 6% of eligible earnings (base, bonus). Plus additional company contribution
• RSU grants (Long Term Incentives) for approved roles
• Comprehensive medical, dental, vision and life insurance
• 17 paid holidays per year, including 3 floating holidays
• Annual Paid Time Off (PTO), with separate sick days
• 12 weeks paid Parental Leave
• Caregiver Leave
• Adoption and Surrogacy Assistance Plan
• Flexible workplace accommodations
• Opportunities to attend Lakers, Knicks, Anaheim Ducks, Anaheim Angels and NY Rangers games
• Opportunities to attend concerts, festivals and other live entertainment events in recognition of delivering great work
• Tuition reimbursement
• Attend a tech or marketing conference of your choice each year
• A MacBook Pro and accompanying hardware to do great work
• A modern productivity toolset to get work done: Slack, Miro, Loom, Lucid, Google Docs, Atlassian and more
• Generous discounts on SkinMedica skin care products
• Discounted aesthetic treatment days multiple times a year
• $600 worth of Alle benefits each year to use towards aesthetic treatments and products
• Eligible for donation matching to over 1.5 million nonprofit organizations
• Attend AWS Re:Invent in person (Las Vegas) or virtually each year (for certain roles)