Director - Cybersecurity Third Party Risk Management (Remote)

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn. 

Come to work each day with an inclusive and collaborative business technology team. As a Director - IT Third Party Risk Management in AbbVie Business Technology Solutions (BTS), you’ll have opportunities to contribute to the digital transformation of a leading biopharma company, helping to create solutions that impact patients and their communities for the better.

AbbVie is seeking a strategic, thought leader to lead our Third-Party Cyber Risk Management Program. The Director of Third-Party Cyber Risk Management will be responsible for providing thought leadership, developing the next generation third-party cyber risk management program, engaging with partners across the organization (including Procurement, Legal, Privacy, IT, Relationship Owners and others). They will also provide AbbVie leadership visibility to the risk being assumed through partners, suppliers, and other third-party relationships. 

This position can be remote/virtual from anywhere in the U.S. 

Responsibilities

1. Lead strategy development, program execution, and ongoing management of AbbVie's Third-Party Cyber Risk Management program
2. Responsible for program elements managing third-party risk throughout the life-cycle of the third-party relationship including initial risk assessment, due diligence, contract requirements, ongoing monitoring, and termination/off-boarding strategies
3. Lead and manage a team, including Third-Party Risk Consultants charged with performing common due diligence assessments on AbbVie's third-parties in the areas of Cyber, Privacy, Resilience, etc.
4. Oversee the continuous improvement of these processes as business unit and risk program owner requirements evolve
5. Engage with and manage relationships with AbbVie’s Procurement Organization continuity ensuring and coordination across programs and alignment with overarching TPRM and VRM Policy requirements
6. Maintain an intimate understanding of best-in-class TPRM practices through benchmarking and continuous education
7. Engage with Executive Sponsors and Business Partners and provide value-added insight to improve the certainty of business outcomes and reduce risk
8. Drive accountability for third-party performance and management of risk related to third-parties with business unit Business Partners
9. Conduct risk assessments, develop training and communication, monitor and test the effectiveness of controls, manage risk treatment and remediation, and sustain and optimize applicable risk management programs
10. Instill a culture of risk management, compliance and continuous improvement with partners, using data to influence decisions around control procedures, new technologies, or changes in practice or policy, and execute appropriate remediation follow-up where controls are insufficient or not operating as intended
11. Represent AbbVie with external industry groups and establish peer circles for benchmarking and industry learning and manage relationships with key sourcing constituents.

Qualifications

• Bachelor's Degree with 10 years’ experience; Master's Degree with 9 years’ experience; PhD with 5 years’ experience.
• Understanding of IT Risks in terms of Data driven, Business driven and Event driven risks.
• Experience in Information technology, with at least 10 years in managing and leading large programs, preferably within IT Services, information security and IT Risk management areas.
• Proven experience in managing 3rd party risks from both a strategic and operations perspective.
• Strong understanding of Privacy and legal concerns as it relates to global IT Risk management.
• Key competencies include: knowledge of AbbVie's business, preferably in IT Security & International, enterprise thinking with ability to build credibility within the organization; time management, project management mastery, expertise in development and implementation of procedures and in-process metrics, strong interpersonal skills, and ability to successfully adapt to changing requirements.
• A proven ability to lead and develop organization specifically through change and transformation. Ability to lead and implement change.
• Must be comfortable with ambiguity; demonstrate strong writing, problem solving and creative thinking skills, and ability to work effectively with conceptual structures, outlines and models. Must be able to work under pressure and tight deadlines.
• Ability to interact and influence at all levels of management across divisions and functions.
• Strong negotiation and decision skills. Excellent written and verbal communication skills.

Why Business Technology Solutions
For anyone who wants to use technology and data to make a difference in people’s lives, shape the digital transformation of a leading biopharmaceutical company, and secure sustainable career growth within a diverse, global team: we’re ready for you.

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law: ​

• The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.​

• We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.​

• This job is eligible to participate in our short-term incentive programs. ​

• This job is eligible to participate in our long-term incentive programs. ​

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law. ​

AbbVie is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion.  It is AbbVie’s policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.