Senior Specialist Cybersecurity

Abbott

Experience
Company Type
Qualifications
Responsibilities
Workhours

     

JOB DESCRIPTION:

Primary Function

This role is within Information Security and Risk Management (ISRM), responsible for country cyber security program.  Key point of contact for all ISRM related matters, ensuring delivery and support of all ISRM programs and solutions in the country.  Work collaboratively with global ISRM and IT functions, local IT teams and local business partners.

Core Job Responsibilities

  • Key point of contact at the affiliate/region for all Incident Response related activities and communications.  Key liaison with business and IT
    • Responsible for gathering the artifacts to facilitate incident response process and coordinate IT systems remediation – gather logs, gather evidence, take forensic images, isolate any IT equipment impacted and coordinate all needed investigation activates under the direction of ISRM IR team
  • Country/region specific expertise to support ISRM security architecture needs
    • Coordinate scanning and identification of vulnerabilities
    • Provide guidance on secure SLC and minimal cyber controls for local application development
    • Key point of contact for local security architecture design – such as local boarders and systems
  • Key contact for dawn raids for information security IT specific actions
    • Responsible to identify and address all IT specifics points during or after the dawn raid
  • Coordinating operational tasks such as patch management requirements and compliance with ISRM standards
    • Ensure application & server owners maintain inventory (CMDB) accuracy. 
    • Educate business owners on the importance and availability of fully automated patching services.  Allowing the business to simply select time/date for security patch installation and server restart without local resource requirement or involvement.
  • Key subject matter expert for in country/region specific privacy requirements – conducts assessments if needed
  • Lead and provide expertise for country/region ISRM training and awareness campaigns
  • Responsible to establishing in-country VRM program under direction of BTS
  • Communicate prioritization criteria and help identify vendors with access to sensitive data.
  • Responsible for oversight and enforcement of internal security policies and applicable external cyber regulations 
  • Work collaboratively with local legal teams to protect personally identifiable information (PII)

Supervisory/Management Responsibilities

  • Promotes a global ISRM perspective
  • Communicate and align ISRM , to Regional and local IT and business management.
  • Understands business unit strategy and translates business strategy in an aligned ITSRM strategy of programs, projects and applications
  • Builds solid and efficient organizational structure and relationship with Global organization to assure alignment and compliance with Guidelines, policies, roadmaps and procedures.
  • Creates a working environment that is motivating and helps collaborators to grow in their positions

Position Accountability  / Scope

Reports to the IT Director, Cyber Regional Programs.  The scope of this position is country/region specific and considers the information security implications unique to all Abbott divisions when developing governance and risk management strategies.  No direct budget responsibility.

Minimum Education

• Bachelor's degree in Information Security, Computer Science, or related field

Minimum Experience/Training Required

• 7-10 years of experience is required.

• Possess CISSP certification (or similar) preferred and be knowledge of local regulatory requirements including privacy and data localization as well as international regulatory compliances and frameworks such as ISO, NIST, SOX,  HIPAA, and PCI DSS is desired.

     

JOB FAMILY:

Information Risk & Quality Assurance

     

DIVISION:

GIS Global Information Services

        

LOCATION:

China > Shanghai : 388 Nan Jing Road West

     

ADDITIONAL LOCATIONS:

     

WORK SHIFT:

Standard

     

TRAVEL:

Not specified

     

MEDICAL SURVEILLANCE:

Not Applicable

     

SIGNIFICANT WORK ACTIVITIES:

Not Applicable

     

     

     

Read Full DescriptionHide Full Description
Confirmed 19 hours ago. Posted 30+ days ago.

Discover Similar Jobs

Suggested Articles

One Step Register
Need an account? Sign Up