Company Description
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.
Job Description
AbbVie Information Security is looking for an experienced and skilled leader to join the Vulnerability Management (VM) team. AbbVie’s Vulnerability Management team protects AbbVie’s patients, data, and brand by identifying vulnerabilities and threats to our organization and working to drive remediation of identified security risks. Vulnerability Management is a capability of AbbVie’s Attack Surface Management team and sits within the larger Cyber Security Operations (CSO) function. Join us as Associate Director, Vulnerability Management to lead and improve our efforts to identify, understand, and reduce AbbVie’s attack surface and help our business continue to have a remarkable impact on people’s lives.
This position can be virtual anywhere in the U.S.
The Associate Director is the leader of the Vulnerability Management team and works with internal and external groups to identify and drive remediation of information security risks. The ideal candidate will have a proven track record of building and managing large-scale vulnerability management programs in complex, global environments.
In this role, you’ll be responsible for:
Managing and maturing a comprehensive vulnerability management program, protecting on-premises, cloud, and third-party assetsLeading a high-performing Vulnerability Management team, mentoring and developing team members to ensure high performance as well as fostering an environment conducive to career growthOverseeing the configuration and management of key vulnerability and configuration management tools across AbbVie’s on-premises and cloud environmentsDeveloping and implementing key performance metrics to accurately assess the overall health of AbbVie’s Vulnerability Management program and the effectiveness of identification and remediation efforts, and responding to deviations from expected outcomesMaintaining awareness of critical vulnerabilities or emerging threats that may impact AbbVie, and maintaining processes to ensure the effective management of those threatsBuilding relationships with key stakeholders across the enterprise, with the goal of driving vulnerability remediation and reducing the time it takes to remediate, especially for critical risksManage and contribute to the Vulnerability Management team’s external exposure methodology, including the identification, assessment, and communication of externally-facing threats to the organizationCommunicating technical security concepts to customers, including engineers, architects, and managers to help our business units understand risk and remediation strategiesCreating, modifying, and maturing vulnerability management reports and metrics to drive remediation of vulnerabilities throughout the AbbVie environmentIdentify enhancements to tools, standards and processes; provide input into policies and procedures, and contribute to the implementation and refinement of the strategy for the Attack Surface Management program on a global basis
Tools and skills you will use in this role:
Vulnerability management solutions (Rapid 7, Qualys, Tenable, etc.)Cloud security posture management (CSPM) tools (Prisma, Wiz, Orca, etc.)Security information & event management (SIEM) tools (Chronicle, Splunk, ELK, etc.)Attack surface management solutions (Falcon, Tenable, Shodan, Censys, etc.)Qualifications
Bachelors Degree and 9 years experience OR Masters Degree and 8 years experience OR PhD and 4 years experienceA proven track record of at least several years within information security roles, including at least three years managing teams focused on vulnerability managementDemonstrated experience in leading vulnerability remediation efforts, showcasing the ability to drive initiatives that significantly reduce the time to remediate, especially for critical risksAdvanced understanding of vulnerability management strategies, standards, procedures, and technologies across infrastructure- and application-level vulnerabilitiesSolid understanding of cloud-based hosting platforms, with background on security threats deriving from Azure and AWS and GCP hosted services being preferredExperience with data analytics with large datasetsExperience in reporting metrics and key performance indicators to senior leadershipExcellent written and verbal communication and listening skills, with the ability to effectively convey technical insights to technical and non-technical stakeholders
Additional Information
Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:
The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
This job is eligible to participate in our short-term incentive programs.
This job is eligible to participate in our long-term incentive programs
Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.
AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion. It is AbbVie’s policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.
US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:
https://www.abbvie.com/join-us/reasonable-accommodations.html