Senior Security Analyst I
Are you a Cyber Security Specialist? Do you want to be on the cutting edge in the fastest-growing specialty in the world? Then the Information Security team at AbbVie Inc is looking for you. The right selectee will become part of a team with global responsibilities that include analyzing and responding to information security incidents, interfacing with business interests and providing needed insight into security matters. If you make the cut, you will not only protect information, you will protect people's lives. At AbbVie Inc we are patient focused, and as a part of information security you will keep that focus.
The Senior Security Analyst, working within AbbVie's enterprise-wide information security team, will analyze and respond to information security incidents as part of a team, help develop processes and procedures for first responders, and assist in the planning and coordination of containment and remediation activities as needed. Able to interact with AbbVie's managed security services provider as well as internal teams, this individual will take part in the validation of incident reports, determine security impact, and escalate as needed. The ideal candidate will have forensics experience and malware analysis experience.
- Respond to computer security incidents according to AbbVie's Cyber Security Incident Response Plan.
- Provide guidance to first responders for handling information security incidents.
- Act as a Senior Incident Coordinator
- Perform digital/forensic analysis of systems, network traffic, and other digital data.
- Identify capability gaps and assist in developing those capabilities or implementing technology as needed.
- Interpret and summarize technical information for presentation to non-technical business contacts.
- Examine log, system, and malware data to assess incident scope and impact.
- Prepare formal reports on incident findings.
- Respond to incidents off-hours and on-call as needed.
- Identify changes required for existing security technologies including IDS systems and SIEM platform
- Validate and help maintain the incident response plan and processes to address potential threats.
- Identify documentation gaps and assist in developing the necessary documentation to support AbbVie's incident response capabilities.
- Compile and analyze data for management reporting and metrics.
- Provide timely and relevant updates to management and appropriate stakeholders.
- Coordinate efforts among multiple business units during response.
Required Technical Skills
- Expert level understanding of cyber security incident response
- Expert level understanding of Windows OS
- Advanced level understanding of TCP/IP Networking
- Expert level understanding of intrusion-focused system forensics
- Advanced level understanding of malware analysis
- Familiarity with network and enterprise architecture
Other Required Skills
- Ability to author clear and concise incident reports
- Ability to successfully interact with non-technical business contacts
- Ability to work independently for day to day activities.
- Ability to work extremely well under pressure while maintaining a professional image and approach
- Exceptional information analysis abilities; ability to perform independent analysis and distill relevant findings and root cause
- Experience creating and presenting documentation and management reports
- Team player with proven ability to work effectively with their business units, IT management and staff, vendors, and consultants
Education and Experience
- Minimum 5 years of experience in an information security discipline, with three or more years of practical experience in an incident response role or threat hunting role.
- Bachelor's degree in management information systems, computer science, or related discipline is desired.
- CISSP, GCIH, GCFA, CISA, CISM, GREM certification(s) are preferred but not required.
Additional Desired Skills
- Experience with forensic tools, such as EnCase or FTK
- Experience with investigating malicious code, including leveraging malware analysis tools and sandboxes
- Experience with SQL databases
- Experience with SIEM and/or log management tools
- Familiarity with security regulatory requirements and standards (such as NIST 800 series, ISO 2700x series, GLBA, FFIEC)
- Expert level understanding of Linux/Unix/Mac OS
- Advanced level understanding of cyber security incident response
- Advanced scripting knowledge with any scripting language, such as Python or PowerShell
- Expert level understanding of networking
- Experience with computer forensic tools
- Understanding of programming in C+, JavaScript, Assembly
- Understanding of Machine Learning
- Understanding of Artificial Intelligence
- Understanding of Quantum Computers