Associate Director - Security Posture And Hygiene

Come to work each day with an inclusive and collaborative business technology team. As an Associate Director, Security Posture and Hygiene in AbbVie Business Technology Solutions (BTS), you’ll have opportunities to contribute to the digital transformation of a leading biopharma company, helping to create solutions that impact patients and their communities for the better

The Associate Director, Security Posture and Hygiene, plays a pivotal leadership role within our organization, steering the strategic direction, design, and implementation of our Security Posture and Hygiene program. This role is at the forefront of enhancing our cybersecurity measures across a diverse and complex infrastructure landscape, including on-premise and cloud models. By continuously monitoring and remediating security control gaps and leveraging the Center for Internet Security (CIS) Top 18 critical security controls, this position aims to bolster our defenses by improving our hygiene of cybersecurity standards and practices.

In this role, you will be responsible for:

• Develop a comprehensive strategy for the Security Posture and Hygiene program.
• Assemble and manage a team dedicated to implementing, assessing, and maturing the CIS Top 18 critical controls and their associated safeguards.
• Develop and execute strategies for continuous monitoring and improvement of security controls and configurations across enterprise systems.
• Ensure the hygiene of security configurations by establishing and enforcing policies, procedures, and standards to prevent unauthorized access, data breaches, and other cyber threats.
• Collaborate with IT, network, and other relevant departments to align security measures with organizational goals and compliance requirements.
• Develop and maintain comprehensive documentation on security controls, assessments, incidents, and improvements.
• Conduct regular assessments to determine the maturity of each security control, identifying areas for improvement and recommending enhancements.
• Foster strong partnerships with technology and domain stakeholders to ensure seamless integration and compliance of security practices across the enterprise.
• Stay abreast of the latest cybersecurity trends, threats, and technologies to adapt and evolve our security strategies accordingly.
• Lead initiatives to educate and train team members and the wider organization on cybersecurity good practices and the importance of a forward-thinking Security Posture.
• Ensure that all security programs and initiatives adhere to relevant laws, regulations, and policies, continuously updating practices to meet new standards.
• Oversee daily operations, including targeted assessments, risk management, and response strategies, ensuring a high level of security and resilience against cyber threats.
• Build collaborative relationships and partner effectively with business and technology senior leaders.
• Maintain expert-level professional and technical knowledge in relevant domains
• Building metrics and dashboards that will provide stakeholders with actionable insights into the Security Posture of technologies.

#LI-Remote

• Bachelors Degree and 9 years of experience OR Masters Degree and 8 years of experience OR PhD and 4 years of experience
• Proven leadership in cybersecurity, with extensive experience in managing Security Posture and Hygiene strategies within complex and diverse IT environments
• Expert knowledge of operating systems, networking protocols, systems administration, X as a service, applications, and security technologies.
• Expert knowledge and application of cybersecurity terminology, concepts, and the cyber threat landscape and attack vectors.
• Deep understanding of risk management principles and the ability to integrate these into security practices.
• Experience with the CIS Top 18 controls and familiarity with the CIS Controls Implementation Groups (IGs) methodology.
• Demonstrated ability to innovate and adapt in response to a constantly changing environment.
• Advanced critical thinking, problem solving, and analytical skills
• Strong leadership and collaboration skills with business and technical groups.
• Excellent written and verbal communication and listening skills, with the ability to effectively convey technical insights to technical and non-technical stakeholders.
• Demonstrated ability to interface effectively with clients, IT management, and staff.
• A sincere desire to learn, grow, and go beyond personal capabilities, staying abreast of the latest developments in the cybersecurity landscape.
• Professional cybersecurity certifications (e.g., CISSP, CISM, CIS Controls, etc.) are highly desirable.

Why Business Technology Solutions
For anyone who wants to use technology and data to make a difference in people’s lives, shape the digital transformation of a leading biopharmaceutical company, and secure sustainable career growth within a diverse, global team: we’re ready for you.

AbbVie is committed to operating with integrity, driving innovation, transforming lives, serving our community, and embracing diversity and inclusion. It is AbbVie’s policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.