AbbVie Principal Threat Detection Engineer (Remote) in Philadelphia, Pennsylvania

Remote, USA Full-time
Company Description

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, bolthires and LinkedIn.

Job Description

This position is part of AbbVie’s Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology while also effectively managing risk. This position can be remote anywhere in the U.S.

This role is an advanced technical role focused on autonomously driving and maturing AbbVie’s threat detection and monitoring services. This role will serve as a technical subject matter expert on the cyber threat landscape and attacker tactics and techniques, and serve as the lead on the threat detection content development lifecycle. You will also coach junior team members, engage in advanced data analysis, and work closely with the Incident Response teams (primary customer). This role can be remote anywhere in the U.S.

In this role, you’ll be responsible for:

· Developing and maintaining threat detection content informed by the threat landscape, including tracking emerging threats and our coverage and susceptibility to the underlying techniques.
· Understanding the threat landscape and coverage of related Tactics, Techniques, and Procedures (TTPs) by our technologies to understand where we need to fill gaps related to data, content, toolset etc.
· Collaborating with the Red Team to test novel attack techniques, public exploit proof-of-concepts for emerging threats, and the efficacy of our existing detections.
· Leading Purple Team exercises, including exercises conducted by an external vendor.
· Reporting, developing, and tuning of detection content to address Purple Team findings.
· Reviewing detection content contributions from junior resources for accuracy and efficacy.
· Actively participating in major cybersecurity incidents to provide input based on subject matter expertise, detection, and data insights.
· Assisting with validating team member skills and contributing to career progression through coaching, training opportunities, and challenging team members to improve.
· Collaborating with specialists and analysts to actively contribute to risk reduction efforts, including but not limited to assessments and in-depth research and analysis of threats.
· Providing technical input into defensive toolset engineering, including content creation, tuning, expansion of defensive platforms, and implementation of new controls.
· Staying informed of modern defensive cybersecurity controls functionality and limitations, including the latest defensive technologies and techniques.
· Contributing to service improvements and expansion initiatives by providing input based on subject matter expertise and an advanced understanding of evolving threats.

Tools and skills you will use in this role:

· Identifying cybersecurity threats
· Data analytics, including event correlation and trend analysis.
· Industry leading security products including EDR, SIEM, SOAR, CSPM, vulnerability scanning, NGFWs, internet proxies, zero trust.
· Incident analysis and general troubleshooting
· Industry leading ETL and data analytical tools
· SQL or similar query languages

Qualifications

Required:

• Bachelor's Degree with 8 years of experience OR Master's Degree with 7 years of experience OR PhD with 3 years of experience in information security.
• Strong knowledge and application of cybersecurity terminology and concepts, and expert understanding of the cyber threat landscape and attack vectors
• Thorough understanding of the MITRE ATT&CK framework and its practical applications.
• Expert data analytics using a modern SIEM or a similar logging/data analytics platform.
• Demonstrated critical thinking, problem-solving, and analytical skills; investigates, defines, and resolves critical issues.
• Strong knowledge of diverse operating systems, networking protocols, systems administration, and security technologies.
• Willingness to be available, as needed, for critical and major security issues.
• Demonstrated subject matter expertise across multiple cybersecurity capabilities.
• Ability to work independently and effectively as part of a team.

Beneficial:

• Work experience as a tier-3 level incident responder or a Cyber Threat Intelligence analyst.
• Ability to author technical documentation and perform quality assurance reviews of documents created by peers.
• Regularly collaborate with peers, business, and IT stakeholders to support daily activities.
• Ability to execute autonomously, contributes to decisions based on specialized knowledge.
• Strong business acumen and an ability to assess, understand, and articulate technical impact and risk to a diverse audience.
• Strong organization skills with attention to detail.
• Strong written and verbal communication skills with a high level of professionalism.

Why Business Technology Solutions

For anyone who wants to use technology and data to make a difference in people’s lives, shape the digital transformation of a leading biopharmaceutical company, and secure sustainable career growth within a diverse, global team: we’re ready for you.

Additional Information

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:

The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.

We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.

This job is eligible to participate in our short-term incentive programs.

This job is eligible to participate in our long-term incentive programs.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.

AbbVie is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion. It is AbbVie’s policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.