Information Security Architect

Company Description
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas immunology, oncology, neuroscience, and eye care and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at . on Twitter , Facebook , Instagram , YouTube and LinkedIn .

Job Description
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas immunology, oncology, neuroscience, and eye care and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at . on Twitter, Facebook, Instagram, YouTube and LinkedIn.

Come to work each day with an inclusive and collaborative business technology team. As an Information Security Architect in AbbVieBusiness Technology Solutions (BTS), youll have opportunities to contribute to the digital transformation of a leading biopharma company,helping to create solutions that impact patients and their communities for the better.

This position can be based anywhere remotely/virtually anywhere in the U.S.

As a member of the Information Security Risk Management architecture team, the Information Security Architect plays a crucial role in shaping and guiding the organization's security strategy, architecture, and practices, with a focus beyond just security tools. The Information Security Architect is tasked with translating business objectives and cyber risk management strategies into concrete security measures encompassing processes, technologies, and services across the organization's landscape. This includes building threat modeling techniques to identify, assess, and prioritize potential threats to the organization's assets and operations, enabling targeted and effective risk mitigation strategies. This role involves evaluating and adopting new security practices in response to evolving threat landscapes, ensuring a comprehensive security posture that safeguards all aspects of the organization's operations.

In this role, youll be responsible for:

• Developing and maintaining the organization's Threat Modeling program, systematically identifying components or assets, assessing threats, and establishing mitigation measures.
• Creating and managing a threat libraryusing industry tools to document known threats, assess their risks, and utilize this information to guide security architecture decisions and risk assessments.
• Conducting Threat Modeling assessments, identifying in-scope components or assets, potential attack vectors, and vulnerabilities within the enterprise security architecture, and recommending targeted mitigation strategies.
• Building and developing a team of Threat Modelers focused on leveraging methodologies to enhance security by identifying threats and closing vulnerabilities.
• Guiding the integration of advanced security technologies and practices, to bolster the organization's defensemechanisms.
• Collaborating with senior leaders and stakeholders across the enterprise, providing expert advice on securitymatters and influencing strategic decisions.
• Keeping abreast of the latest security trends, threats, and technologies to continuously refine and update the security architecture and practices.
• Leading initiatives to foster a security-aware culture within the organization, including educating stakeholders on security good practices and risk avoidance.
• Working closely with IT, compliance, and business units to ensure that security considerations are seamlessly integrated into operational processes and project lifecycles.
• Evaluate and recommend appropriate security controls across a diverse and complex infrastructure landscape, including on-premises, cloud, and various X as a Servicemodels.
• Identify and communicate current and emerging security threats and help design security architecture elements to mitigate threats as they emerge.
• Support training ofmore junior employees as well as employees outside the Information Security Team, as needed.

Qualifications

• Bachelors Degree and 8 years experience OR Masters Degree and 7 years experience OR PhD and 3years experience
• Advanced knowledge and application of cybersecurity terminology and concepts, and foundational understanding of the cyber threat landscape and attack vectors.
• Demonstrated proficiency with security controls and concepts.
• Demonstrated experience and abilities implementing threat models at the enterprise level.
• Experience building out a program, preferably specific to threat modeling.
• Advanced knowledge of security technologies, operating systems, networking protocols, and systems administration.
• A sincere desire to learn, grow, and go beyond personal capabilities, staying abreast of the latest developments in the cybersecurity landscape .
• Ability to analyze and understand technical information.
• Strong organizational skills with attention to detail.
• Demonstrated ability to innovate and adapt in response to a constantly changing environment.
• Advanced critical thinking, problem solving, and analytical skills.
• Excellent written and verbal communication and listening skills, with the ability to effectively convey technical insights to technical and non-technical stakeholders.
• Ability to work both independently without direction and within a group for day-to-day activities .
• Willingness to be available, as needed, for major and critical security issues

Additional Information
Applicable only to applicants applying to a position in any location with pay disclosure requirements under state orlocal law:

• The compensation range described below is the range of possible base pay compensation that the Companybelieves ingood faith it will pay for this role at the timeof this posting based on the job grade for this position.Individualcompensation paid within this range will depend on many factors including geographic location, andwemay ultimatelypay more or less than the posted range. This range may be modified in thefuture.
• We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick),medical/dental/visioninsurance and 401(k) to eligibleemployees.
• This job is eligible to participate in our short-term incentiveprograms.
• This job is eligible to participate in our long-term incentiveprograms

Note: No amount of payis considered to bewages or compensation until such amount is earned, vested, anddeterminable.The amount and availability of any bonus,commission, incentive, benefits, or any other form ofcompensation and benefitsthat are allocable to a particular employee remains in the Company's sole andabsolutediscretion unless and until paid andmay be modified at the Companys sole and absolute discretion, consistent withapplicable law.

AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion. It is AbbVies policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.

US & Puerto Rico only - to learn more, visit

US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more: