Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals, and branded generic medicines. Our 109,000 colleagues serve people in more than 160 countries.
Our location in MN currently has an opportunity for a Senior Product Security Analyst.
WHAT YOU'LL DO
The Product Security Analyst is responsible for identifying security risks of developed, marketed, and fielded products, including, but not limited to, patient safely and data protection risks. The Product Security Analyst will help maintain a product security program that offers services such as: product security risk assessment, security testing, security event handling, metrics & monitoring, external communications and staffing, education and training working with Quality management systems in a regulated industry.
Core Job Responsibilities
Develop and maintain product cybersecurity standards and other documents as deemed necessary. Specific tasks may include analyzing existing requirements, reviewing and mapping applicable regulations and cybersecurity frameworks, collaborating with divisional compliance teams, working with impacted stakeholders to complete documentation updates.
Executing control monitoring activities which may include annual planning, walkthroughs and testing of specific controls, and status reporting.
Maintain product cybersecurity control framework in alignment with various security industry frameworks (e.g., ISO27K, NIST 800-53, etc.), regulatory requirements (e.g., FDA pre/postmarket cybersecurity guidance), and internal Abbott policies. Specific activities may include review and analysis of existing controls against Abbott and regulatory requirements, creating test plans, communicating control framework to stakeholders, etc.
Assist with execution of the product maturity assessments. Activities may include coordination of Internal Audit assessments, working with product teams to complete questionnaires, reporting, etc.
Help lead governance and training efforts and contribute to various methodologies in use.
May coach or provide guidance to lower-level security professionals
Participate in company-wide product security initiatives as necessary.
Develop and effectively execute project plans, work breakdown, structure, and task dependencies, communication plans, etc. as needed.
Communicate product security messaging throughout the organization, including program updates with Senior Management.
Provide strategic perspective and alignment, lead governance and training efforts, and contribute to various methodologies in use.
Maintain positive and cooperative communications and collaboration with all levels of employees, customers, contractors, and vendors.
Perform other related duties and responsibilities, on occasion, as assigned.
Position Accountability & Scope
Reports to Senior Product Security Manager. The scope of this position is Abbott wide and considers the information security implications unique to all Abbott divisions when accessing the security of products.
BA/BS or higher in Information Security, Risk or IT Management, Computer Science, or related field; or equivalent experience.
6 years of Information Security/IT/Audit/Consulting experience is required
Certifications such as CISA, CISM, CRISC, CISSP, CPP or CFE are preferred
Knowledge regulatory and industry compliance frameworks such as NIST Cybersecurity Framework, ISO 27001, EU DPD, HIPAA/HITECH, etc.
History of completing successful cross-functional projects and driving positive compliance outcomes.
Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines and service levels.
Must have strong time management skills and an ability to thrive in a high cadence operation
Must work well within a tight-knit team environment and be able to work with peers, customers, and partners to support the mission.
Excellent communication skills with demonstrated ability to write clear concise business communication for multiple levels (management, technical, user).
Experience with maintaining cybersecurity standards is preferred.
Experiences in audit and/or consulting background is preferred.
Experience with control monitoring activities which may include walkthroughs and testing of specific controls.
Experience with Quality management systems in a regulated industry.
Supervisory / Management Responsibilities
WHAT WE OFFER
At Abbott, you can have a good job that can grow into a great career. We offer:
Training and career development, with onboarding programs for new employees and tuition assistance
Financial security through competitive compensation, incentives, and retirement plans
Health care and well-being programs including medical, dental, vision, wellness, and occupational health programs
Paid time off
401(k) retirement savings with a generous company match
The stability of a company with a record of strong financial performance and history of being actively involved in local communities
Follow your career aspirations to Abbott for diverse opportunities with a company that provides the growth and strength to build your future. Abbott is an Equal Opportunity Employer, committed to employee diversity.
Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 109,000 colleagues serve people in more than 160 countries.