Company Description

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas - immunology, oncology, neuroscience, and eye care - and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com . Follow @abbvie on Twitter , Facebook , Instagram , YouTube and LinkedIn .

Job Description

Come to work each day with an inclusive and collaborative business technology team. As a Business Information Security Officer in AbbVie Business Technology Solutions (BTS), you'll have opportunities to contribute to the digital transformation of a leading biopharma company, helping to create solutions that impact patients and their communities for the better.

The Global Information Research Business Information Security Officer (BISO) is the senior information security partner within the Global Information Research business function for all services and core solutions; responsible for prioritizing security risks across the line of business (BU's), technology, and representing the CISO in functional security matters.

Focal point to work with business IT (BTO) to understand the security requirements and implications of business IT efforts and interact with the AbbVie Information Security and Risk Management (ISRM) team as needed. This role is a senior-level individual contributor role.

Primary Responsibilities

• Ensure coordination of activities between the Information Research IT Leadership Team and the ISRM team.
• Ensure the implementation of ISRM, data protection and privacy standards across the business. Manage the security processes and effectively ensuring guidance in accordance to ISRM policies and procedures.
• Work with functional IT teams to develop mitigations for system security threats and risks.
• Serve as a cyber security subject matter expert (SME), coordinating and providing multi-disciplinary knowledge, skills, and experience in security architecture, and security management roles and responsibilities.
• Define, develop, and present critical risk KPI's to business leadership.
• Provide consulting services on current and upcoming projects covering all levels IT security architecture.
• Review of vulnerability and patching analysis reports and management of resolution activities on behalf of business IT to assess risk level and prioritize action.
• Respond to customer queries in support of the business programs and projects.
• Manage and respond to Data Privacy and InfoSec support requests from across the business in coordination with the CISO
• Provide advice and guidance to management and customers.
• Participate with the Business Relationship Management (BRM) team and Security Working Group supporting the customers.

Qualifications

Qualifications

Required:

• Bachelor's Degree and minimum 10 years of experience; or Masters Degree and 9 years experience; or PhD and 5 years of experience in Information Security, Information Assurance and/or Cyber Security space.
• Experience in the information security field designing and implementing enterprise security solutions in a global context.
• Experience working in a global organization and implementing solutions in multiple geographic regions and the requirements in those countries (e.g., China (CSL, PIPL), Brazil, UK (GDPR), etc.)
• Deep and broad understanding related to security encompassing end point technologies, applications, application hosting, physical and virtual data center hosting.
• Knowledge of information security management frameworks, e.g., ISO 27001 or NIST CSF.
• Experience with security practices such as security incident response and risk management.
• Experience in the design, development, implementation, and operational support of mission critical solutions in large scale environments and organizations.
• Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.
• Experience in leading projects leveraging global teams with highly matrixed resources.
• Must be a critical thinker with strong problem-solving skills.
• Knowledge and understanding of relevant legal and regulatory requirements.
• Experience with contract and vendor negotiations.
• High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
• High degree of initiative, dependability, and ability to work with little supervision.
• Ability to think at systems / architecture level I.e. How do all the parts of the solution fit together not just design at element level.
• Proven ability in security process and organizational design; Current understanding of Industry trends and emerging threats; and knowledge of incident response methodologies and technologies.

Beneficial:

• Advanced degree in applicable field
• Technical writing-comfortable writing reports for senior management
• 8+ years of IT security experience working in an infrastructure or security architecture environment.
• Cyber security risk management experience, e.g., conducting assessments, identifying risks, and recommending solutions.

Why Business Technology Solutions

For anyone who wants to use technology and data to make a difference in people's lives, shape the digital transformation of a leading biopharmaceutical company, and secure sustainable career growth within a diverse, global team: we're ready for you.

Additional Information

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:

• The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
• We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
• This job is eligible to participate in our short-term incentive programs.
• This job is eligible to participate in our long-term incentive programs

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company's sole and absolute discretion, consistent with applicable law.

AbbVie is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion. It is AbbVie's policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.