Senior Security Engineer - Cybersecurity Posture, Hygiene & AI

Company Description

Abb Vie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas - immunology, oncology, neuroscience, and eye care - and products and services in our Allergan Aesthetics portfolio. For more information about Abb Vie, please visit us at  Follow @abbvie on X, Facebook, Instagram, You Tube, Linked In and Tik Tok () .

Job Description

Come to work each day with an inclusive and collaborative technology team. As a Senior Security Engineer - Cybersecurity Posture, Hygiene & AI Enablement in Abb Vie Business Technology Solutions (BTS), you will have opportunities to contribute to the digital transformation of a leading biopharma company, helping to create solutions that impact patients and their communities for the better.

This position can be based virtually anywhere in the U.S.

As a member of the Information Security Risk Management (ISRM) Architecture team, the Senior Security Engineer plays a crucial role in shaping and guiding the organization's security strategy, architecture, and practices, with a focus on cybersecurity posture, hygiene, and the effective and responsible use of AI to improve security outcomes at scale.

Responsibilities

+ Provide technical leadership, mentoring, and consultation with less experienced team members to improve the overall cybersecurity posture and hygiene program

+ Prioritize remediation efforts by ensuring a risk-based approach is followed when addressing discovered configuration drift

+ Develop scripts to leverage in-scope application APIs to extract cybersecurity hygiene and posture data to verify configuration settings

+ Create dashboards and alerts to inform key stakeholders of configuration drift and required remediation activities

+ Partner with engineers and key stakeholders to document CIS baselines based on internal requirements

+ Collaborate with internal cybersecurity teams to identify opportunities for incorporating systems into the cybersecurity posture and hygiene program

+ Drive platform compliance to ensure on-premises and hosted assets are continuously monitored for configuration drift

+ Apply a strong working understanding of artificial intelligence (AI) and machine learning concepts, including how models are trained, where they are effective, and where human validation is required, particularly in cybersecurity use cases

+ Ensure AI is used appropriately and responsibly within posture and hygiene workflows, including validating AI generated insights, preventing over reliance on automation, and confirming outputs align with established security baselines and risk tolerance

+ Provide technical leadership, mentoring, and consultation with less experienced team members to improve overall cybersecurity posture and hygiene program

+ Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including Code of Conduct, safety, GxP compliance, data security, and the software development lifecycle

Qualifications

+ Bachelor's Degree with 6 years' experience;
Master's degree with 5 years' experience; or PhD with 0 years' experience in information security and/or related functions (IT Audit, Risk Management, or Security Architecture)

+ Strong understanding of current cybersecurity tool capabilities as they pertain to continuous monitoring for configuration drift, including tools such as Tenable, Crowd Strike, and Windows Defender

+ Proficiency in using Splunk to perform data analysis and security monitoring effectively

+ Proven ability to leverage scripting languages such as Python, Bash, and Power Shell to interface with in-scope applications using available APIs

+ Expert knowledge of operating systems, networking protocols, system administration, Xasa Service models, applications, and security technologies

+ Proficient understanding of cybersecurity frameworks, including the CIS Critical Security Controls (CIS 18), NIST CSF, and NIST 80053

+ Excellent written and oral communication skills

+ Strong problem-solving and…