Information Security Lead - Pharmacy

Lake County, IL, United States
Feb 19, 2021
Required Education
Bachelors Degree
Position Type
Full time
About AbbVie
AbbVie's mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women's health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at . Follow @abbvie on Twitter , Facebook , Instagram , YouTube and LinkedIn .

Pharmacy Solutions - Information Security Lead

Role Description

This role is responsible for advising Pharmacy Solutions in relation to Information Security ("IS") best practices, in addition to adherence with the AbbVie IS policies and global security standards. The lead collaborates with Pharmacy Solutions Privacy Officer while providing internal and third party InfoSec consulting support and ensures risk is managed according to the acceptable business risk level defined by AbbVie Leadership.


The ISO will drive Information Security activities within the Pharmacy Solutions business unit by:
  • Assessing Pharmacy Solutions systems compliance with HIPAA controls and oversee strategic and technical improvements
  • Developing the InfoSec. Architecture & strategy for Pharmacy Solutions in accordance with AbbVie Global InfoSec Strategy with a roadmap and priorities for InfoSec. initiatives
  • Promoting training and awareness of IS and risk management throughout the Pharmacy Solutions business unit
  • Assess the technical and procedural security controls to determine gaps, identify a strategy to mitigate those gaps, and oversee or implement corrective action
  • Prioritizing and delegating risk assessment activities and ensuring that action items are carried out in a timely and effective manner
  • Designing, implementing, and supporting business unit specific security technologies and processes
  • Liaise with business unit Senior Management in times of an Information Security response action (crisis response)
  • Advise Pharmacy Solutions IT Leadership of changes in the technical, legal, and regulatory arenas impacting Information Security


Experience Requirements
  • Bachelors Degree
  • 5-8 years IT experience in a combination of IT roles encompassing application, platform, and/or network technologies
  • 3-5 years of direct Information Security experience involving design, implementation, management, and/or auditing of IT systems within an enterprise environment
  • 1-2 Years of experience in a regulated environment (e.g. Pharmaceutical, Financial/Insurance, HealthCare)
  • Experience with Information Security for HIPAA covered entities is preferred.
  • Knowledge, including respective experience, of audit preparation, execution, and response related to PCI, SOX, HIPAA, SSAE16, and/or HITRUST.

Desired Skills
  • Thorough understanding of application, platform, and network security concepts
  • CISM, CISSP, or equivalent certification (active in past 3 years)
  • Fundamental understanding of Pharmaceutical business
  • Training and/or certification focused on HIPAA or HITRUST compliance
  • Ability to explain Security concepts in simple terms to business
  • Proven relationship management and influencing skills for both technical and non-technical audiences
  • Program Management capabilities (e.g. Service Delivery, Budget, Performance Management)

Significant Work Activities
Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)
Yes, 5 % of the Time
Job Type
Job Level Code
Equal Employment Opportunity
At AbbVie, we value bringing together individuals from diverse backgrounds to develop new and innovative solutions for patients. As an equal opportunity employer we do not discriminate on the basis of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information gender identity or expression, sexual orientation, marital status, protected veteran status, or any other legally protected characteristic.