Jobs
>
Mettawa

    Senior Application Security Specialist - Mettawa, United States - AbbVie

    AbbVie
    AbbVie Mettawa, United States

    2 weeks ago

    Default job background
    Description
    Company Description


    AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow.

    We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio.

    For more information about AbbVie, please visit us at Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.

    Job Description


    AbbVie Information Security is looking for a highly motivated, diligent, and skillful analyst to join the Attack Surface Management (ASM) team.

    AbbVie's Application Security team protects AbbVie's patients, data, and brand by identifying vulnerabilities and threats to our organization and working to drive remediation of identified security risks.

    Application Security is a capability of ASM within the larger Cyber Security Operations (CSO) function.

    Join us as Senior Security Specialist, Application Security to support and improve our efforts to identify and reduce AbbVie's attack surface and help our business continue to have remarkable impacts on people's lives.


    The Senior Security Specialist is a key member of the Application Security team and works with internal and external groups to identify and drive remediation of information security risks across all AbbVie application environments.


    The ideal candidate must have prior experience conducting manual web and mobile application security penetration tests within an enterprise environment and working with application stakeholders to discuss vulnerabilities and remediation options.

    This position can be anywhere in the U.S.

    In this role, you'll be responsible for:
    Maintaining awareness of the latest critical information security vulnerabilities, threats, and exploits

    Providing guidance on existing and emerging threats in the web and mobile application space, as they apply within the AbbVie environment

    Performing application security reviews throughout the application development lifecycle, including tasks such as:

    Performing security assessments for AbbVie web and mobile applications across the enterprise

    Dynamic (DAST) application security testing and/or penetration testing of applications and source code

    Auditing results of security assessments with development and/or security teams and offering plans for remediation of vulnerabilities

    Retesting remediation to confirm the efficacy of fixes

    Reviewing deliverables from third-party service providers and other Application Security Analysts to ensure completeness and accuracy

    Communicating technical application security concepts to customers, including developers, architects, and managers

    Participating in the management of AbbVie's bug bounty program, working to validate and triage reported vulnerabilities, and working with application owners to ensure valid findings are remediated

    Training customer staff on application security and remediation of application security code defects

    Identifying and developing secure software development best practices

    Identifying enhancements to tools, standards, and processes; providing input into policies and procedures, and contributing to the implementation and refinement of the strategy for the Application Risk program on a global basis

    Candidates in this role are able to work remote within the United States

    Significant Work Activities -Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)

    Qualifications

    Tools and skills you will use in this role:

    Web and mobile application penetration testing tools

    Security information and event management (SIEM) tools (Chronicle, Splunk, ELK, etc.)

    Attack surface management solutions (Falcon, Tenable, Shodan, Censys, etc.)

    Experiences that make you a strong candidate for this role:


    Required:
    Minimum of 8 year's Information Security experience or equivalent experience in Information Risk Management.

    Advanced knowledge of web application vulnerabilities and web application business logic flaws and threats

    Advanced understanding of application architectures and technologies, including web applications, mobile technology, data encryption, and identity and access management

    Advanced, hands-on experience with manual vulnerability testing and static code analysis


    Advanced experience with tools including, but not limited to, Kali Linux platform and built-in tools, Burp Suite, and OWASP ZAP.

    Burp or Zap expertise must focus on manual testing rather than automated scanning.

    Advanced understanding of security controls such as Authentication, Authorization, Access Control, Cryptography, and Network Protocols along with security standards: OWASP Top 10, SANS 25, NIST, and CVE

    Written and verbal communication skills are critical

    Communicating concepts to diverse audiences with varying skill sets is vital


    Beneficial:
    Certifications such as OSCP, OSWE, or ECSA

    If you believe you're a great fit for this job but don't have all of the experiences listed above, we encourage you to apply anyway

    Additional Information

    Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law: ​


    The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position.

    Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range.

    This range may be modified in the future.​


    We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.



    This job is eligible to participate in our short-term incentive programs. ​

    Note:

    No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable.

    The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company's sole and absolute discretion, consistent with applicable law.



    AbbVie is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion.

    It is AbbVie's policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.

  • Quantum Ventures

    Security specialist for event security

    3 weeks ago

    Quantum Ventures Volo, United States

    About the Company · For over 20 years, we have been providing security services in the areas of plant and object protection, event security, rental of barrier technology, and armed security services. Our employees are professionally prepared for their assignments and individually ...

  • AbbVie

    Senior Application Security Specialist

    1 week ago

    AbbVie Libertyville, United States

    Company Description · AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic area ...

  • AbbVie

    Senior Application Security Specialist

    2 weeks ago

    AbbVie Libertyville, United States

    Company Description · AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas ...

  • AbbVie

    Senior Application Security Specialist

    1 week ago

    AbbVie Libertyville, United States

    Company Description · AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic area ...

  • Green Thumb

    Security Operations Center Specialist

    1 week ago

    Green Thumb Mundelein, United States

    Green Thumb owns and operatesRISE Dispensaries, a fast-growing national cannabis retailer that promotes social conscience, community impact and well-being through the power of cannabis. Since opening its doors in 2015, RISE has grown its national footprint to 80+ retail locations ...

  • Target

    Security Specialist

    21 hours ago

    Target Arlington Heights, United States

    Target E Rand Rd [Asset Protection / Loss Prevention] As a Security Specialist at Target, you'll: Contribute to a team in the development of a secure work environment for all Target team members, temporary workers, vendors and visitors; Execute routines to identify and investigat ...

  • Brains Workgroup

    Application Security Specialist

    4 weeks ago

    Brains Workgroup North Chicago, United States

    Application Security Specialist · One of our clients, global pharmaceutical company is looking for an enthusiastic Senior Application Security Specialist. · This is a permanent FT position with competitive compensation and great benefits package. Location is North Chicago, IL Are ...

  • AbbVie

    Senior Application Security Specialist

    1 month ago

    AbbVie Mettawa, United States Full time

    · Company Description · AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic ar ...

  • Cystems Logic

    IT Security Specialist

    2 weeks ago

    Cystems Logic Chicago, United States

    Job Description · Job Description · Role: IT Security Specialist · Duration: 12 Months · Location: Chicago IL/ Denver CO · The successful candidate is an intellectually curious self-starter who requires minimal oversight and who has hands-on experience to hit ground day 1 wi ...

  • Heartland Alliance

    Security Specialist

    2 weeks ago

    Heartland Alliance Chicago, United States

    Job Description · Job Description · Position: Security Specialist · Location: · Beverly, Chicago, IL · Shift: · 4p-12:30a or 12a-8:30a · Summary: · Are you passionate about ensuring the safety and well-being of vulnerable populations, including unaccompanied minors? If so, ...

  • Heartland Human Care Services

    Security Specialist

    2 days ago

    Heartland Human Care Services Chicago, United States

    Job Description · Job DescriptionTitle: Security Specialist · Location: Beverly, Chicago, IL · Shift: 4p-12:30a or 12a-8:30a · Summary: Are you passionate about ensuring the safety and well-being of vulnerable populations, including unaccompanied minors? If so, we have an excitin ...

  • Target

    Security Specialist

    21 hours ago

    Target Chicago, United States

    Target W Jackson Blvd [Asset Protection / Loss Prevention] As a Security Specialist at Target, you'll: Contribute to a team in the development of a secure work environment for all Target team members, temporary workers, vendors and visitors; Execute routines to identify and inves ...

  • Heartland Alliance

    Security Specialist

    2 weeks ago

    Heartland Alliance Chicago, United States

    Job Description Job Description Position: Security SpecialistLocation: Beverly, Chicago, ILShift: 4p-12:30a or 12a-8:30aSummary:Are you passionate about ensuring the safety and well-being of vulnerable populations, including unaccompanied minors? If so, we have an exciting opport ...

  • Heartland Alliance

    Security Specialist

    1 week ago

    Heartland Alliance Chicago, United States

    Job Description · Job Description · Title: Security Specialist · Location: Beverly, Chicago, IL · Shift: 4p-12:30a or 12a-8:30a · Summary: Are you passionate about ensuring the safety and well-being of vulnerable populations, including unaccompanied minors? If so, we have an e ...

  • Heartland Human Care Services

    Security Specialist

    2 days ago

    Heartland Human Care Services Chicago, United States

    Job Description · Job DescriptionPosition: Security Specialist · Location: Beverly, Chicago, IL · Shift: 4p-12:30a or 12a-8:30a · Summary: · Are you passionate about ensuring the safety and well-being of vulnerable populations, including unaccompanied minors? If so, we have an e ...

  • Request Technology, LLC

    Security GRC Specialist

    6 days ago

    Request Technology, LLC Chicago, United States

    Security GRC Specialist · Salary: open + bonus · Location: Chicago, IL · Hybrid: 3 days in-office, 2 days remote · ***We are unable to provide sponsorship for this role*** · Qualifications · Bachelor's degree · Strong knowledge on Security frameworks and technologies such as ISO ...

  • CDK Global

    Security Specialist

    1 week ago

    CDK Global Hoffman Estates, United States

    Position Responsibilities & Essential functions Oversee CDK Global's badging program and day-to-day operations. · Answer phone calls and emails placed to the badge office in a professional manner. · Manage badge requests and distribution. · Update employee, contractor, and ve ...

  • HexaQuEST Global, Inc.

    IT Security Specialist

    2 weeks ago

    HexaQuEST Global, Inc. Chicago, United States

    Job description · Identity and Access management (IAM) operations team is accountable for the successful delivery of all operational services globally for the IAM applications and infrastructure of the bank. This team supports a wide range of IAM infrastructure such as Single Si ...

  • Air Force Elements U.s. Transportation Command

    security specialist

    2 weeks ago

    Air Force Elements U.s. Transportation Command Chicago, United States

    Summary: This position is part of the Air Force Elements, U.S. Transportation Command.Responsibilities:Manage Insider Threat case assessment actions, provides administrative oversight, coordination, and Insider Threat analysis.Lead and coordinate teams and projects in collecting, ...

  • Cystems Logic Inc

    IT Security Specialist

    3 weeks ago

    Cystems Logic Inc Chicago, United States

    Job Description · Job DescriptionRole: IT Security SpecialistDuration: 12 MonthsLocation: Chicago IL/ Denver COThe successful candidate is an intellectually curious self-starter who requires minimal oversight and who has hands-on experience to hit ground day 1 with cloud control ...