Cloud Security Architect

AbbVie's Information Security team is looking for a candidate to join an exciting, high performing organization. The Information Security Cloud Architect, working within AbbVie's enterprise-wide information security team, will be responsible for ensuring security has been implemented in new and existing cloud technologies. The Information Security team is looking for a highly motivated, self-driven individual that is never satisfied with the status quo. This role is expected to design solutions that enforce security best-practices for cloud operations, including participating and guiding new cloud deployments. Including working with technical architects and engineers to develop secure solutions that mitigate high-risk areas. This role will also be expected to bring new technologies and designs to the table to enable competitive advantage and ensure protection of reputation and intellectual property.

Major Duties and Responsibilities:

• Implementation of industry leading practices around cyber risks and Cloud security
• Designing and developing Cloud-specific security policies, standards and procedures e.g. firewall management, SSL/IPSec, security incident and event management (SIEM), data protection (DLP, encryption), user account management (SSO, SAML), and password/key management.
• Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure cloud technology solutions.
• Research, evaluate, design, test, recommend and plan the implementation of new or updated information security cloud technologies.
• Play an advisory role in cloud projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed.
• Evaluate security controls employed by cloud service and other third party providers to ensure information assets are adequately protected.

Experience and Skills

• 8 + years' work experience in information security and/or related functions (such as IT Audit, Risk Management or Security Architecture). During recent history, candidate must have demonstrated exceptional ability to assess and communicate information security concepts and practices, with both business and IT stakeholders.
• Proven implementation of creative technology solutions that advance the business.
• Excellent written and oral English communication skills.

Specifically, we're looking for:

• Experience with one or more major cloud technologies like AWS, Azure, or Google cloud.
• Has participated in the design, implementation, and migration to a cloud environment.
• Specially have working experience to the following cloud security concepts; identity and compliance related disciplines such as IAM, account management, storage policies, WAF, DDoS, compliance tools, key management, logging and monitoring, data protection, etc.
• Exposure or understanding of the following concepts, practices, and technologies: network security and perimeter security, firewalls, IDS/IPS, SIEM, workstation, mobile device, and network design standards.
• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project.
• Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization, able to mentor team members with diverse backgrounds.
• Ability to formulate network security architecture vision and translate vision into execution.
• Thorough understanding of Information Security frameworks and good practices (e.g. CSA), and proven ability to strike a balance between an academic and pragmatic approach.

Requirements:

• Relevant work experience is important for successful performance of this role due to the complexity of our global IT Security environment.
• Information security qualification such as ISC2 - Certified Cloud Security Professional is preferred.
• Recent work experience health care/life science organization is a plus.