Associate Security Analyst II, Incident Response (Remote)

at AbbVie in North Chicago, Illinois, United States

Job Description

Company Description

AbbVie’s mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.

Job Description

This role can be based anywhere in the United States but will be required to work in the Central Standard Time Zone.

Purpose

This position is part of AbbVie’s Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology while also effectively managing risk. AbbVie Information Security is looking for a highly motivated, talented defender to join the Cyber Security Incident Response Team (CSIRT). The Cyber Security Operations Center (CSOC) manages the initial investigation and response to security events, alerts, and threats, and works directly to augment incident responders during critical security events. Join us as an Associate Security Analyst II, Incident Response to form the first line of defense against cyber-attacks and help our business to continue to have remarkable impacts on people’s lives.

Responsibilities

+ Initial triage of cyber security alerts

+ Responding to and escalating confirmed cyber security incidents

+ Contributing to key initiatives in order to enhance the Cyber Security Operations team’s maturity and operational capabilities

+ Adhering to cyber security processes, procedures and other documentation while performing incident response duties

+ Analyzing security system logs, security tools, and available data sources to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection development and system tuning

+ Assisting in identifying monitoring/detection gaps and helping to drive them toward resolution

+ Escalating cyber security incidents to incident response analysts when appropriate

+ Identifying and actioning incident trends observed during triage and response activities

+ Assisting with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOPs)

Tools and skills you will use in this role:

+ Basic understanding of system logging and auditing concepts, security controls (i.e. anti-virus, EDR, IPS/IDS), and their capabilities

+ Creating original technical documentation

+ Working knowledge of diverse operating systems, networking protocols, systems administration, and security technologies

+ Familiarity with cyber security terminology and concepts, and basic understanding of the cyber threat landscape and attack vectors

+ Capability to learn new concepts and processes quickly, and adapt to a constantly changing environment

+ Ability to successfully interact with non-technical personnel

+ Ability to analyze and understand technical information

Qualifications

+ Bachelor’s Degree in computer science or related technical field and 2 years of specialized information security experience

+ Master’s Degree in computer science or related technical field

+ Experience in a CSOC or other specialized information security role

+ Demonstrated critical thinking, problem solving, and analytical skills with the ability to de-construct complex concepts

+ Working knowledge of incident response terminology and methodologies

+ Knowledgeable on multiple technologies and systems that support CSOC and CSIRT services (e.g. SOAR, SIEM, IPS/IDS, EDR, etc.)

Beneficial

+ Basic level of understanding of common Windows OS artifacts and their relation to cyber security investigations

+ Knowledgeable on areas of Information Security, outside of Incident Response (e.g. Security Architecture, Security Engineering, Application Security, Vulnerability Management, Threat Intelligence, etc.)

+ Familiarity with cloud environment architecture

+ Experience with at least one programming or scripting language

+ Familiarity with change and incident management concepts and processes

+ Certifications consisting of any of the following: GIAC Continuous Monitoring Certification (GMON), GIAC Certified Intrusion Analyst (GCIA), GIAC Security Operations Certified (GSOC), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), GIAC Enterprise Incident Responder (GEIR), or other cybersecurity related certifications

Why Business Technology Solutions

For anyone who wants to use technology and data to make a difference in people’s lives, shape the digital transformation of a leading biopharmaceutical company, and secure sustainable career growth within a diverse, global team: we’re ready for you.

Additional Information

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:

+ The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.

+ We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.

+ This job is eligible to participate in our short-term incentive programs.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company’s sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.

AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion. It is AbbVie’s policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status. US & Puerto Rico only – to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html


Job Posting: JC263560862

Posted On: Aug 02, 2024

Updated On: Aug 05, 2024
