Third Party Risk Management Crown Jewels Risk Manager

AbbVie Logo

AbbVie

📍Remote - United States

Summary

Join AbbVie's Information Security Risk Management (ISRM) – Cybersecurity Third Party Risk Management (TPRM) team as a senior-level cybersecurity professional. This role involves leading and managing AbbVie's top-tier annual third-party cybersecurity risk assessments using the SOC2 Type II assessment protocol. Responsibilities include executing cybersecurity evaluations, managing projects, working with stakeholders, and reporting to executive leadership. The position offers the flexibility of being located virtually anywhere in the U.S. AbbVie provides a comprehensive benefits package, including paid time off, medical/dental/vision insurance, and 401(k). This role also offers participation in short-term and long-term incentive programs.

Requirements

  • Bachelors Degree and 7 years of experience OR Master’s Degree and 6 years of experience or PHD and 2 years of experience
  • Must have in depth experience with third-party SOC 2 Type II reports
  • Familiarity of security controls, concepts, and frameworks (e.g., ISO and NIST)
  • Ability to communicate complex technical security practices to non-technical resources
  • Familiarity with cybersecurity terminology, concepts, and understanding of the cyber threat landscape and attack vectors
  • Capable of learning new concepts and processes quickly
  • Adaptable to a constantly changing environment
  • Demonstrated critical thinking, problem solving, and analytical skills
  • Strong organization skills with a focus on details
  • Strong written and verbal communication skills with an elevated level of professionalism
  • Ability to work independently and effectively as part of a team

Responsibilities

  • Perform and identify areas of process improvement
  • Function as the lead on critical program initiatives
  • Manage independent projects
  • Work directly with Business Owners and Key Stakeholders on at-risk third-party evaluations
  • Conduct cybersecurity evaluations on AbbVie top tier third parties leveraging SOC 2 Type II reports
  • Analyze cybersecurity controls in relation to AbbVie top tier due diligence rigor and challenge
  • Manage escalations across internal and external key stakeholders
  • Thoroughly document standard operating procedures and controls
  • Self-identify program enhancements and third-party risk outliers to management
  • Manage identified risk to completion, including validation of remediation efforts and/or acceptance
  • Adhere to cyber security processes, procedures, reporting and metrics while performing risk management duties

Benefits

  • Paid time off (vacation, holidays, sick)
  • Medical/dental/vision insurance
  • 401(k)
  • Short-term incentive programs
  • Long-term incentive programs

Remote

Cybersecurity

Senior

Share this job:

Disclaimer: Please check that the job is real before you apply. Applying might take you to another website that we don't own. Please be aware that any actions taken during the application process are solely your responsibility, and we bear no responsibility for any outcomes.