Information Security Engineer

Employer
AbbVie
Location
Lake County, IL, US
Posted
Apr 20, 2019
Ref
1902898
Required Education
Bachelors Degree
Position Type
Full time
AbbVie's Information Security team is looking for a candidate to join an exciting, high performing organization. The Information Security Engineer, working within AbbVie's enterprise-wide information security team, will be responsible for ensuring security has been implemented in new and existing technologies in the environment. The Information Security team is looking for a highly motivated, self-driven individual that is never satisfied with the status quo. This role is expected to build relationships with other IT teams and provides the appropriate recommendations to protect the organization.

Major Duties and Responsibilities:

  • Support security aspects of business & IT initiatives by assisting in architecture, engineering, design, implementation, deployment, and operational transition of innovative & secure technology solutions.
  • Establish collaborative working relations with the Information Technology functions to ensure that solutions align with security policies and best practices.
  • Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned.
  • Develop plans for security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices. Additionally, developing requirements for public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as Windows and Unix server infrastructure, messaging, end user computing devices, and software; adhering to industry standards.
  • Evaluate and engineer security controls employed by Cloud service and other third-party providers to ensure information assets are adequately protected.
  • Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development lifecycle


Experience and Skills

  • 5+ years' work experience in information security and/or related functions (such as IT Audit, Risk Management or Infrastructure). During recent history, candidate must have demonstrated exceptional ability to assess and communicate information security concepts and practices, with IT stakeholders.
  • Requires in-depth knowledge of the systems development life cycle, client area's functions and systems, and systems applications programs development technological alternative
  • Proven implementation of creative technology solutions that advance the business.
  • Excellent written and oral English communication skills.


Specifically, we're looking for:

  • Understanding of the following concepts, practices, and technologies: network security and perimeter security, firewalls, IDS/IPS, SIEM, workstation, mobile device, and network design standards.
  • Understanding the following concepts is a plus; identity management, federated identity services, incident management, access control, end-point protections, desktop security tools, anti-malware solutions, application vulnerability testing, public key infrastructure, Windows, and Unix/Linux.
  • Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization, able to mentor team members with diverse backgrounds.
  • Understanding of Information Security frameworks and good practices (e.g. ISO, NIST), and proven ability to strike a balance between an academic and pragmatic approach.


Requirements:

  • Relevant work experience is important for successful performance of this role due to the complexity of our global IT Security environment.
  • Information security qualification such as CISSP is preferred.