|Published||November 22, 2022|
|Location||Green Oaks, IL|
Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 113,000 colleagues serve people in more than 160 countries.
ABOUT ABBOTT DIAGNOSTICS:
The key to successful treatment and full recovery is often fast, accurate diagnosis. Abbott's life-changing tests and diagnostic tools provide insights that enable smarter, faster decisions and transform the way the world is managing health.
Our pioneering technology spans the world of healthcare operations - with medical diagnostic instruments, tests, automation and informatics solutions for hospitals, reference labs, blood centers, emergency departments, physician offices and clinics.
WHAT YOU'LL DO
The Product Security Engineer will serve as a Cybersecurity Subject Matter Expert (SME) for our Cloud-Based software applications. They will work closely with product development in the design, implementation, and maintenance of secure software applications in the AlinIQ portfolio of cutting-edge medical and non-medical software applications. For on-market product, the Product Security Engineer will evaluate incoming cybersecurity signals, assess the impact to on-market products and provide responses and documentation updates in compliance with our security policies and standards. For new products and software updates, they will be participate in the design and development activities with focus on cybersecurity - threat modeling, secure design, implementation, and documentation.
Key performance indicators for this role include assessing and maintaining compliance to security policies and standards, timely provisioning of product security assessments, and support for auditing of our secure product lifecycle for the AlinIQ portfolio of products. The role requires the ability to work in an environment that is fast paced, to work independently, and to apply the latest security design and tooling strategies available.
* Responsible for ensuring products are safe, secure, and are compliant with division, corporate, and industry regulation and meet customer and patient security expectations.
* Works within an agile, collaborative, multi-discipline environment to produce compliant and secure products.
* Identifies cybersecurity risks, vulnerabilities, and assists in concepting and delivering mitigating functionalities.
* Perform vulnerability assessments - analyze impact of vulnerabilities on software and develop/implement mitigations
* Perform threat analysis/modeling, gap analysis, and security for on-market and in-development products
* Owns the product cybersecurity deliverables and process compliance. Capable of following and cybersecurity processes, methods, techniques, and tools and assuring their consistent application.
* Stay abreast of changes in the business and product environment as well as the evolving regulatory and threat landscape
* Supporting SOC 2 and other certifications as application SME for explaining the designing and implementation of security controls
* Ability to articulate technical discussions to a variety of internal, external, and customer stakeholder groups
* Participates in establishing technology-specific vision and strategy and processes
* Participates in the development of Abbott Security policies as applicable to area of expertise
EDUCATION AND EXPERIENCE
BA/BS Degree in Engineering, Computer Science, MIS, Telecommunications or related field.
4 - 8 years IT experience with Fortune 500 company; 5+ years of experience in secure product development lifecycle engineering strongly desired
Previous work experience in a product cybersecurity role is preferred
Strong understanding of product cybersecurity and the relationship between threat, vulnerability, and potential customer risk.
Azure Certifications preferred, minimally has a strong history working with cloud hosted applications.
Hands-on security experience with various technologies , such as Docker, Kubernetes, Terraform
Understanding of industry standards such as HITRUST, NIST Cybersecurity Framework, FedRAMP, RMF, IMDRF, TIR-57 Principles for medical device security risk management, etc.
Experience with secure configuration/hardening of systems
ISC2 CCSP Certified Cloud Security Professional, or CCNA Cyber Ops is desirable
Certifications such as CISA, CISM, CRISC, CISSP, CPP, CFE or SANS are preferred
Experience in cryptographic standards and methods and detailed knowledge of cryptographic key management preferred
Experience in Atlassian suite - JIRA, Bitbucket and Confluence preferred
WHAT WE OFFER
At Abbott, you can have a good job that can grow into a great career. We offer:
Training and career development, with onboarding programs for new employees and tuition assistance
Financial security through competitive compensation, incentives and retirement plans
Health care and well-being programs including medical, dental, vision, wellness and occupational health programs
Paid time off
401(k) retirement savings with a generous company match
The stability of a company with a record of strong financial performance and history of being actively involved in local communities
Learn more about our benefits that add real value to your life to help you live fully:? www.abbottbenefits.com
Follow your career aspirations to Abbott for diverse opportunities with a company that provides the growth and strength to build your future. Abbott is an Equal Opportunity Employer, committed to employee diversity.