Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals, and branded generic medicines. Our 109,000 colleagues serve people in more than 160 countries.
The key to successful treatment and full recovery is often fast, accurate diagnosis. Abbott's life-changing tests and diagnostic tools provide insights that enable smarter, faster decisions and transform the way the world is managing health.
Our pioneering technology spans the world of healthcare operations - with medical diagnostic instruments, tests, automation and informatics solutions for hospitals, reference labs, blood centers, emergency departments, physician offices and clinics.
This Cybersecurity Engineer opportunity may be located in either Lake Forest, IL or Santa Clara, CA.
WHAT YOU'LL DO
This position is responsible for the design, implementation, and maintenance of security principles and policies across the AlinIQ portfolio of cutting-edge medical and non-medical software and devices. The Cybersecurity Engineer will serve as a Subject Matter Expert (SME) for product research and development teams, working closely with software engineers, product management and development, and divisional and corporate information systems. Key performance indicators for this role include assessing and maintaining compliance to security policies and standards, timely provisioning of product security assessments, and support for auditing of our secure product lifecycle for the AlinIQ portfolio of products. The role requires the ability to work in an environment that is fast paced, to work independently, and to apply the latest security design and tooling strategies available.
The Cybersecurity Engineer reports into the AlinIQ Product Research and Development organization as part of a cybersecurity team. The Cybersecurity Engineer is responsible for design, implementation, and analysis ensuring safe and secure products that are compliant with division, corporate, and industry regulation and meet customer and patient security expectations.
Responsible for applying an interdisciplinary, collaborative approach to plan, design, develop validate and verify cyber solutions across the product life cycle for our portfolio of AlinIQ products
Responsible to develop, evaluate and analyze design constraints, trade-offs and detailed system and security design
Responsible to develop and test cybersecurity features and tools
Responsible to conduct cybersecurity test and evaluation of hardware and/or software designs to verify and validate compliance with defined specifications and requirements
Responsible for working within a collaborative, multi-discipline environment to produce secure deliverable products as part of an Agile team
Implement security testing in our CI/CD pipeline
Employ cybersecurity processes, methods, techniques and tools and assure their consistent application
Drive efficiency through standardization, automation, documentation, and cross-training
Analyze source code, test data, and security scan reports for vulnerabilities and develop/implement mitigations
Identify security design gaps in existing and proposed products and recommend changes or enhancements
Perform threat identification and mitigation activities using industry leading security controls and tools sets
Assist development teams on how to apply secure coding practices, properly scan and remediate their code
Maintain portfolio compliance with applicable Corporate and Divisional Policies and procedures
Build and maintain relationships necessary for the successful execution and sustainability of the product portfolio cybersecurity program
Stay abreast of changes in the business and product environment as well as the evolving regulatory and threat landscape
Ability to articulate technical discussions with internal and external stake holders / customers
Integrates Knowledge of technical standards with communication, leadership and business skills
Participates in establishing technology-specific vision and strategy
Participates in the development of Abbott Security policies as applicable to area of expertise
May require travel based on project needs
EDUCATION AND EXPERIENCE
BA/BS Degree in Engineering, Computer Science, MIS, Telecommunications or related field.
4 - 8 years IT experience with Fortune 500 company; 5+ years of experience in secure product development lifecycle engineering strongly desired
Previous work experience in a product cybersecurity role is preferred
Strong understanding of product cybersecurity and the relationship between threat, vulnerability and potential customer risk in the context of risk management
Familiarity with design of diagnostic medical devices is a plus
Understanding of industry standards such as the NIST Cybersecurity Framework, FedRAMP, RMF, IMDRF, TIR-57 Principles for medical device security risk management, etc.
Experience with secure configuration/hardening of systems
Knowledge of securing Kubernetes and Docker Containers
Knowledge of Oracle, Delphi and Windows (client server applications) a plus
ISC2 CCSP Certified Cloud Security Professional, ITIL Certification(s), or CCNA/P is desirable
Current AWS/Azure Certifications preferred, but not required
Certifications such as CISA, CISM, CRISC, CISSP, CPP, CFE or SANS are preferred
Experience in NIST Risk Management Framework and Software Assurance measures and practices preferred
Experience in cryptographic standards and methods and detailed knowledge of cryptographic key management preferred
Knowledge about the latest methodologies for product cybersecurity risk assessment and vulnerability management and technologies and tools used within the product security domain is desired
Experience in Atlassian suite - JIRA, Bitbucket and Confluence preferred
Must have strong interpersonal, analytical, problem solving and organizational skills, and the ability to independently work as a contributing member in a high-paced and focused team
Strong written and verbal communication and presentation skills
WHAT WE OFFER
At Abbott, you can have a good job that can grow into a great career. We offer:
Training and career development, with onboarding programs for new employees and tuition assistance
Financial security through competitive compensation, incentives and retirement plans
Health care and well-being programs including medical, dental, vision, wellness and occupational health programs
Paid time off
401(k) retirement savings with a generous company match
The stability of a company with a record of strong financial performance and history of being actively involved in local communities
Follow your career aspirations to Abbott for diverse opportunities with a company that provides the growth and strength to build your future. Abbott is an Equal Opportunity Employer, committed to employee diversity.
Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 109,000 colleagues serve people in more than 160 countries.