Cybersecurity Architect
AbbVie · North Chicago, IL, us
Job description
About AbbVie AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas including immunology, oncology and neuroscience - and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on LinkedIn, Facebook, Instagram, X and YouTube. This is a technical role responsible for executing the design, building, testing, and implementation of security systems across our environment, with a specific emphasis on endpoint security and mobility. You will work closely with other members of the Information Security team to identify potential threats and vulnerabilities and develop strategies and solutions to mitigate these risks, securing the end-user device estate and the mobile platforms through which the enterprise increasingly operates, and contributing to our overall information security strategy. This position can be virtual anywhere in the U.S. You will join the Business Technology Solutions (BTS) Information Security and Risk Management (ISRM) Architecture organization. Our team translates business objectives and cyber risk strategy into concrete security measures — processes, technologies, and services — across a diverse and complex infrastructure landscape, including on-premises, cloud, and X-as-a-Service models. Responsibilities: Define and evaluate security architecture for the end-user device estate — workstation and laptop hardening, EDR/endpoint protection (e.g., CrowdStrike, Defender), data protection, and configuration baselines. Advise on mobility security: MDM/UEM (e.g., Microsoft Intune), mobile application management, conditional access, and BYOD posture across iOS and Android. Perform Security Architecture Reviews — adjudicate submissions, align the risk and controls with the system owner, and ensure review quality. Deliver Security Architecture Consulting engagements with business partners — own each engagement end to end, with timely turnaround and clear customer communication. Provide Risk Evidence Review on request, partnering with Risk Management to evaluate control and mitigation effectiveness for risk owners. Plan, design, build, and implement enterprise security architecture, and create relevant documentation of same. Evaluate security technologies and controls across the environment — including those employed by third-party providers — developing strategies, determining which controls fit a given situation, and adapting them to business needs, risk, and the threat landscape. Identify and communicate current and emerging security threats and risks; design security architecture elements and propose new or revised measures to mitigate them as they emerge. Help develop solutions that balance information security needs with the needs of the business, in collaboration with team members and business and IT stakeholders. Be fluent with AI concepts and incorporate AI into your daily workflows — using AI to accelerate design reviews, threat modeling, documentation, and analysis — targeting improved efficiency, quality, and speed. Create reusable security-architecture artifacts — reference architectures, design patterns, security guidelines, and security positions — that scale the team's expertise beyond one-off engagements. Identify recurring problems and build durable systems, patterns, and standards that solve them at the root — not only technical problems, but process and people problems too — so the same issue does not keep resurfacing. Support training and mentorship of more junior employees as well as employees outside the Information Security Team, as needed. Required: Bachelor's Degree and 8 years of experience OR Master's Degree and 7 years of experience OR PhD and 3 years of experience. Demonstrated proficiency with security controls and concepts. Working knowledge of security frameworks and standards (e.g., NIST, CIS Controls, OWASP, Cloud Security Alliance). Advanced knowledge of operating systems, networking protocols, systems administration, and security technologies. Advanced knowledge and application of cybersecurity terminology and concepts, and foundational understanding of the cyber threat landscape and attack vectors. Understanding of risk management principles and the ability to integrate them into security practices. Capable of learning new concepts and processes quickly and adapting to a constantly changing environment. Fluency with AI concepts and demonstrated use of AI tools to improve how you work. Demonstrated critical thinking, problem solving, and analytical skills. Strong organizational skills with attention to detail. Strong written and verbal communication skills with a high level of professionalism. Ability to work independently and effectively as part of a team. Willingness to be available, as needed, for major and critical security issues. Demonstrated skills and experience in the following tools:Endpoint protection and detection (EDR/EPP), data protection, and configuration-baseline tooling. Mobile device and endpoint management (MDM/UEM, e.g., Microsoft Intune), mobile application management, and conditional access. Operating systems, networking protocols, systems administration, and cloud platforms (e.g., AWS, Azure). Security control frameworks and the cyber threat landscape and attack vectors. AI tools and AI-assisted workflows to drive speed and quality. Collaboration and documentation platforms (ServiceNow ITSM, Jira, Confluence, Microsoft 365 / SharePoint) Preferred: Professional cybersecurity certifications (e.g., CISSP, SANS/GIAC, etc.) are highly desirable. Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law: The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future. We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees. This job is eligible to participate in our long-term incentive programs. Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law. AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled. US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more: https://www.abbvie.com/join-us/reasonable-accommodations.html
Verified and listed by ActiveJobs. Applications are made directly on AbbVie's own career page — we never sit in the middle.