Company

BiospaceSee more

addressAddressIllinois, United States
type Form of workFull time
CategoryInformation Technology

Job description

Company Description

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas immunology, oncology, neuroscience, and eye care and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.


Job Description

AbbVie Information Security is looking for a highly motivated, diligent, and skillful analyst to join the Attack Surface Management (ASM) team. AbbVies Application Security team protects AbbVies patients, data, and brand by identifying vulnerabilities and threats to our organization and working to drive remediation of identified security risks. Application Security is a capability of ASM within the larger Cyber Security Operations (CSO) function. Join us as Senior Security Specialist, Application Security to support and improve our efforts to identify and reduce AbbVies attack surface and help our business continue to have remarkable impacts on peoples lives.

The Senior Security Specialist is a key member of the Application Security team and works with internal and external groups to identify and drive remediation of information security risks across all AbbVie application environments.

The ideal candidate must have prior experience conducting manual web and mobile Application Security penetration tests within an enterprise environment and working with application stakeholders to discuss vulnerabilities and remediation options.

In this role, youll be responsible for:

  • Maintaining awareness of the latest critical information security vulnerabilities, threats, and exploits
  • Providing guidance on existing and emerging threats in the web and mobile application space, as they apply within the AbbVie environment
  • Performing Application Security reviews throughout the application development lifecycle, including tasks such as:
    • Performing security assessments for AbbVie web and mobile applications across the enterprise
    • Dynamic (DAST) Application Security testing and/or penetration testing of applications and source code
    • Auditing results of security assessments with development and/or security teams and offering plans for remediation of vulnerabilities
    • Retesting remediation to confirm the efficacy of fixes
  • Reviewing deliverables from third-party service providers and other Application Security Analysts to ensure completeness and accuracy
  • Communicating technical Application Security concepts to customers, including developers, architects, and managers
  • Participating in the management of AbbVies bug bounty program, working to validate and triage reported vulnerabilities, and working with application owners to ensure valid findings are remediated
  • Training customer staff on Application Security and remediation of Application Security code defects
  • Identifying and developing secure software development best practices
  • Identifying enhancements to tools, standards, and processes; providing input into policies and procedures, and contributing to the implementation and refinement of the strategy for the Application Risk program on a global basis
  • Candidates in this role are able to work remote within the United States
  • Significant Work Activities -Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)

Qualifications

Tools and skills you will use in this role:

  • Web and mobile application penetration testing tools
  • Security information and event management (SIEM) tools (Chronicle, Splunk, ELK, etc.)
  • Attack surface management solutions (Falcon, Tenable, Shodan, Censys, etc.)

Experiences that make you a strong candidate for this role:

Required:

  • Minimum of 8 year's Information Security experience or equivalent experience in Information Risk Management.
  • Advanced knowledge of web application vulnerabilities and web application business logic flaws and threats
  • Advanced understanding of application architectures and technologies, including web applications, mobile technology, data encryption, and identity and access management
  • Advanced, hands-on experience with manual vulnerability testing and static code analysis
  • Advanced experience with tools including, but not limited to, Kali Linux platform and built-in tools, Burp Suite, and OWASP ZAP. Burp or Zap expertise must focus on manual testing rather than automated scanning.
  • Advanced understanding of security controls such as Authentication, Authorization, Access Control, Cryptography, and Network Protocols along with security standards: OWASP Top 10, SANS 25, NIST, and CVE
  • Written and verbal communication skills are critical
  • Communicating concepts to diverse audiences with varying skill sets is vital

Beneficial:

  • Certifications such as OSCP, OSWE, or ECSA

If you believe youre a great fit for this job but dont have all of the experiences listed above, we encourage you to apply anyway!


Additional Information

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:

  • The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
  • We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
  • This job is eligible to participate in our short-term incentive programs.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Companys sole and absolute discretion, consistent with applicable law.

AbbVie is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion. It is AbbVies policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.

Refer code: 9316453. Biospace - The previous day - 2024-05-26 17:20

Biospace

Illinois, United States
Jobs feed

Part-Time Store Cashier/Stocker

Aldi

New Hampshire, United States

$18 an hour

Food Runner and Host

River House & Waterview Grill

Portsmouth, NH

$12 - $18 an hour

Patient Scheduler

Atlantic Orthopaedics & Sports Medicine

Portsmouth, NH

$16 - $18 an hour

Store Associate, PT - Kittery

Nike

Kittery, ME

$16 an hour

Early Morning Valet

C&J Bus Lines

Portsmouth, NH

$18.50 an hour

Retail Sales Associate

Gap

Kittery, ME

Retail Merchandise Associate

Homesense

Portsmouth, NH

$16.00 - $16.50 an hour

Seasonal Side Gig- Saturday Trash Pickup at Vacation Rentals

Maine Street Property Management

Wells, ME

From $25 an hour

Part-Time Executive Assistant

Flexprofessionals

Portsmouth, NH

$25 an hour

Waitstaff/ Bar Staff

Behind The Plate

Portsmouth, NH

$22 - $30 an hour

Share jobs with friends

Related jobs

Senior Application Security Specialist - Remote

Senior Application Administrator/Rules Specialist (Operations & Policy Analyst 2)

Secretary Of State

$5,228 - $8,003 a month

Salem, OR

3 weeks ago - seen

Senior Clinical Applications Specialist, Physicist - REMOTE

Biospace

Hayward, CA

a month ago - seen

Senior Manager (Application Specialist)

The Bank Of Nova Scotia

$40 per hour

New York, NY

2 months ago - seen

Application Evaluation Specialist -DBS, (Associate - Senior)

Your Basin Jobs

Odessa, TX

2 months ago - seen

Senior Applications Configuration Specialist (Full-time Remote, North Carolina Based)

Alliance Health

$96,022 - $160,037 a year

Morrisville, NC

2 months ago - seen

Senior Application Specialist - IT Banking/Compliance

Wintrust

Illinois, United States

2 months ago - seen

Senior Application Security Specialist - Remote

Abbvie

$98K - $124K a year

Illinois, United States

2 months ago - seen

Senior Application Specialist - UM

Renown Health

Reno, NV

3 months ago - seen

BCT Partners - Senior Application Program Support Specialist

Bct Partners, Llc

Newark, NJ

3 months ago - seen

BCT Partners - Senior Application Support Specialist

Bct Partners, Llc

$95,000 - $105,000 a year

Remote

4 months ago - seen

Senior Specialist Application Engineering

At&S

San Jose, CA

5 months ago - seen

Clinical Application Specialist (Remote)

Alg Senior

$46.9K - $59.4K a year

Hickory, NC

5 months ago - seen