Sr. Analyst - Information Security
AbbVie’s mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women’s health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.
The Sr. Analyst, Information Security works with various internal and external groups to ensure that AbbVie information security policies, practices, and procedures are properly implemented within AbbVie Business Programs. The analyst reviews business programs, projects, and initiatives from inception, throughout the implementation, to end of life, to ensure that appropriate security controls are applied throughout the entire lifecycle.
- Establishes and maintains strong relationships with IT and Business group leaders to understand goals, programs and strategic objectives. Evaluates and articulates program security requirements; identifies potential security risk factors and business impacts.
- Engages AbbVie Third Party Suppliers to assess security posture, remediation requirements and compensating controls as they apply to Business Programs.
- Develops in-depth knowledge of AbbVie Information Security policies, processes and procedures, as well as compliance processes and initiatives in order to provide subject matter expertise and guidance to other organizations (Commercial, R&D, Audit, Legal, Purchasing, etc.) within AbbVie.
- Provides Information Security expertise and guidance to Business group leaders and IT Owners to ensure an appropriate balance between security risks and business enablement for identified business programs and initiatives.
- Acts as central point of contact with regard to Information Security matters and AbbVie security policies for AbbVie Purchasing, Legal/Privacy and Quality during the supplier evaluation and contract negotiation process.
- Reviews current technology and information policies and practices for continued applicability with respect to AbbVie commercial and R&D business programs. Provides recommendations for improvements.
- Minimum of 5 years Information Security experience or equivalent experience in Information Risk Management.
- Good experience in Information Security or Information Risk Management.
- Certified Information Systems Security Professional (CISSP) or other equivalent certifications required.
- Strong experience and up to date knowledge in Open Systems, Windows, Mobility, Internet and network security products and platforms, including user authorization, encryption tools and techniques, communication protocols, vulnerability assessments, data loss and penetration testing, and secure coding.
- Mix of IT operations and business program experience required.
- Demonstrated skills in project management, collaboration, communication and organizational skills required.
- Information Security Consulting background and experience preferred.
- Written and verbal communication skills are critical.
- Adept at communicating concepts to diverse audiences with varying skill sets.
Bachelor’s Degree with 6 years of total experience or Masters degree with 5 years of experience
Significant Work Activities
Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)
Job Level Code
Equal Employment Opportunity
At AbbVie, we value bringing together individuals from diverse backgrounds to develop new and innovative solutions for patients. As an equal opportunity employer we do not discriminate on the basis of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information gender identity or expression, sexual orientation, marital status, protected veteran status, or any other legally protected characteristic.