Abbott is a global healthcare leader that helps people live more fully at all stages of life. The Application Operations Specialist will contribute to developing a risk-based cybersecurity program, perform threat identification and mitigation, and ensure compliance with laws and regulations.
Contribute to the development of a risk-based cyber security program that meets regulatory requirements and aligns with industry-leading information security practices.
Perform threat identification and mitigation activities using industry-leading security controls and tool sets.
Work with a variety of cross-functional teams to ensure compliance with laws, regulations, and policies
Support Audit Readiness during external and internal Audit Activities
Assess threats to the business and deploy countermeasures for those threats.
Guide business units, application development teams, and third-party vendors to achieve program requirements while enabling the business.
Apply technical knowledge to protect the Company against cyber threats (e.g., knowledge of firewalls, intrusion detection and prevention systems, data loss prevention solutions, endpoint protections, log aggregation technology and other leading-edge security technologies).
Perform assessment of cyber security incidents to identify the root cause, respond, and recover the environment.
Support management in the development of strategies, policies, and standards to protect company information and technology assets.
Ensure compliance with business continuity management policies and processes in accordance with applicable regulatory requirements.
Implement and maintain security controls.
Assist with incident response as events are escalated, including triage, remediation, and documentation.
Implements security improvements by assessing the current situation, evaluating trends, and anticipating requirements.
Maintain quality service by following organization standards.
Attend regular project and implementation meetings and serve as the security consultant to help guide secure practices.
Keep up to date with the current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance.
Qualification
Required
Bachelor's degree in Information Security, Computer Science, or related field or an equivalent combination of education and work experience.
Minimum 2 years of expertise in valuing and implementing industry standards such as the ISO 27001/2, SOC 2, HITRUST, and FedRAMP Information Security standard and the ISO 22301 Business Continuity Standard.
Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance)
Possess CISSP certification (or similar) and have knowledge of national and international regulatory compliances and frameworks such as ISO 27001, NIST cybersecurity, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.
Demonstrated knowledge of General Computer Controls, including Information Security, Information System Operations, Vendor Management, Business Continuity, Networks, Database, System Software, Hardware, and Application Development controls
Strong team player with the ability to communicate effectively within cross-functional groups and perform peer reviews of work products and documents.
Excellent organizational skills and critical attention to detail and deadlines with the ability to handle multiple tasks simultaneously
Self-motivated, well-organized, and able to position controls in anticipation of threats.
Preferred
Experience in Audit and certification process
Holds one or more cybersecurity certifications or has completed necessary coursework.
Strong analytical skills to analyze laws, and regulations and translate the security requirements into appropriate security programs, projects, controls, and training
Demonstrated excellent oral and written communication skills for interaction with all levels of management and staff, including the ability to communicate regulatory requirements, security objectives, policies, and standards in business terms
Medical device product security experience
Audit and Risk Management experience
Development process and security process knowledge
Experience in threat modeling and risk management
Vulnerability and penetration-testing skills
Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model and common security elements
Understanding of OWASP, CVSS, the MITRE ATT&CK framework
Displays an analytical and problem-solving mindset
Works calmly under pressure and with tight deadlines
Demonstrates effective decision-making skills
Benefits
Free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year
An excellent retirement savings plan with high employer contribution
Tuition reimbursement
The Freedom 2 Save student debt program
FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree
Abbott is a healthcare company that is engaged in pharmaceuticals and manufacturing healthcare products.
Glassdoor
3.8
Founded in 1888
Illinois City, Illinois, USA
10001+ employees
https://www.abbott.com
Abbott is a healthcare company that is engaged in pharmaceuticals and manufacturing healthcare products.
