Application Security Analyst

Employer: AbbVie
Location: Lake County, IL, US
Start date: Jan 3, 2019

Discipline: Information Technology, Applications/Technical Support, Information/Data Security
Required Education: Bachelors Degree
Position Type: Full time
Hotbed: BioMidwest, Best Places to Work

Send job

Job Details
Company

Job Details

Key Responsibilities Include:

Maintains awareness of the latest critical information security vulnerabilities, threats, and exploits
Provide guidance on existing and emerging threats in the web and mobile application space, as they apply within the AbbVie environment.
Conducts and facilitate security reviews throughout the application development lifecycle including tasks such as:
Designing, performing, and improving security assessments for AbbVie applications across the enterprise.
Static (SAST) & Dynamic (DAST) Application Security Testing and/or penetration testing of applications and source code, auditing results with development and/or security teams and offering plans for remediation of vulnerabilities.
Communicating technical application security concepts to customer, including developers, architects, and managers.
Training customer staff on application security and remediation of application security code defects.
Identify enhancements to tools, standards and processes; provide input into policies and procedures, and contribute to the implementation and refinement of the strategy for the Application Risk program on a global basis.

Basic:

5 years of direct enterprise level software development experience in any of the following:
• Java/JSP
• .Net Framework (C#, VB, ASP)
• Web Applications (N-Tier)
• Mobile / Application Services
3 years of direct application security and/or security developer experience
Demonstrate subject matter expert level knowledge of web application vulnerabilities and web application business logic flaws and threats.
Demonstrate in-depth, understanding of application architectures and technology; including web applications, mobile technology, data encryption, and identity and access management.
Demonstrate a strong background in development, security testing, and writing security user stories and detailed technical specifications for security in application and product designs.
Demonstrate skills in project management, collaboration, communication, and organizational skills.
Hands-on Experience with manual vulnerability testing and static code analysis is strongly desired.
Proficient with Tools such as HP Web Inspect, HP Fortify SCA, IBM AppScan and manual tools such as Burp Suite, ZAP Proxy, Dirbuster, Nikto, metasploit, SOAPUI and other open source security tools.
Candidate must have deep understanding of security controls such as Authentication, Authorization, Access Control, Cryptography, and Network Protocols along with security standards: OWASP Top 10, SANS 25, NIST, and CVE.
Certification such as OSCP, OSWE or ECSA is a plus
Written and verbal communication skills are critical.
Adept at communicating concepts to diverse audiences with varying skill sets.

Equal Opportunity Employer Minorities/Women/Veterans/Disabled

Company

AbbVie’s mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women’s health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, and YouTube.

Stock Symbol: ABBV

Stock Exchange: NYSE

Company info

Website: http://www.abbvie.com/
Phone: 1-800-255-5162
Location: 1 North Waukegan Road
North Chicago
Illinois
60064
US

Send job

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert