Security Engineer II, Cyber Security Engineering
AbbVie’s mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women’s health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.
AbbVie Information Security is looking for a highly motivated, diligent, and skillful engineer to join the Cyber Security Engineering (CSE) Team. The CSE Team, working within the Cyber Security Operations (CSO) function, is responsible for designing, deploying, maintaining, and optimizing the toolsets in use by the Information Security teams. Join us as a Security Engineer, Cyber Security Engineering to support and improve our efforts to defend against adversaries and help our business continue to have remarkable impacts on people’s lives.
This role will be primarily responsible for SIEM content creation, including but not limited to dashboarding, advanced alerting, correlations, enrichment implementation, and validating outputs while supporting knowledge management.
The ideal candidate should have prior experience analyzing and validating large data sets, familiarity with enrichments and ETL, capability in data visualization, and the ability to translate customer needs into technical outputs.
· Assist with and implement data enrichment, both using existing data sets as well as identifying new sources
· Build, maintain, and improve alerts and scheduled reports based on customer criteria
· Creation and improvement of dynamic analytics dashboards
· Perform compilation, cataloging, distribution, and retrieval of data within the SIEM and other platforms
· Identify, improve, and assist in implementation of data normalization and harmonization activities
· Assist with knowledge object management across multiple teams to reduce duplication of efforts
· Assist in defining data requirements and specifications
· Assist in onboarding and parsing of new data sources
· Provide inputs in the development and documentation of data standards, policies, and procedures
· Troubleshooting and modifications to scripts (e.g., Perl, VBScript, Python)
· Assist with standards and automations in metrics aggregation and dissemination
· Assist in the management and maintenance of data lineage
· Advocate knowledge sharing between information owners/users through operational processes and systems
- Knowledge of cybersecurity, privacy principles, cyber threats, and vulnerabilities
- Prior experience working with ETL in a SIEM environment (ELK, Splunk, Exabeam, LogRhythm, etc.)
- Translation of business requirements to technical outputs
- Working knowledge of regular expressions
- Familiarity with data administration and data standardization policies
- Knowledge of database management systems, query languages, table relationships, and views
- Experience in validating data sets and calculations
- Prior experience in implementing and tuning correlation rules
- Ability to work both independently without direction and within a group for day-to-day activities, including willingness to operate in an Agile team
- Capable of learning new concepts and processes quickly, and adapting to a constantly changing environment
- Comfortable working in Linux and Windows environments
- Minimum 5 years of Information Security experience or equivalent experience in Information Risk Management.
- Demonstrated experience in implementing regular expressions
- Prior experience working in an Agile team
- Experience working with development tools and scripting languages (git / mercurial / subversion; Python / PowerShell / Go)
- Experience analyzing and pivoting on large sets of data, with the ability to identify patterns, anomalies, and outliers
- Skills in developing data models, dictionaries, and reports
- Ability to dissect a problem and examine the interrelationships between data that may appear unrelated
- Ability to identify basic common coding flaws at a high level
- Ability to use data visualization tools for end-user consumption
- Working knowledge of SIEM tools
- Demonstrated experience in log analysis and parsing of unstructured data (ETL)
Significant Work Activities
Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8-hour day)
Job Level Code
Equal Employment Opportunity
At AbbVie, we value bringing together individuals from diverse backgrounds to develop new and innovative solutions for patients. As an equal opportunity employer, we do not discriminate on the basis of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, protected veteran status, or any other legally protected characteristic.