Skip to main content

Search jobs

Search jobs

About AbbVie

AbbVie’s mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women’s health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.

Business Information Security Officer - Global Commercial

Lake County, Illinois Req ID 2205273 Category Information Technology Division AbbVie

Description: Global Commercial Business Information Security Officer (BISO)

The Global Commercial Business Information Security Officer (BISO) is the senior information security partner within the Global Commercial business function for all services and core solutions; responsible for prioritizing security risks across the line of business (BU’s), technology, and representing the CISO in functional security matters. 

Focal point to work with business IT (BTO) to understand the security requirements and implications of business IT efforts and interact with the AbbVie Information Security and Risk Management (ISRM) team as needed. This role is a senior-level individual contributor role.

Primary Responsibilities

  • Ensure coordination of activities between the Commercial IT Leadership Team and the ISRM team.
  • Ensure the implementation of ISRM, data protection and privacy standards across the business. Manage the security processes and effectively ensuring guidance in accordance to ISRM policies and procedures.
  • Work with functional IT teams to develop mitigations for system security threats and risks.
  • Serve as a cyber security subject matter expert (SME), coordinating and providing multi-disciplinary knowledge, skills, and experience in security architecture, and security management roles and responsibilities.
  • Define, develop, and present critical risk KPI’s to business leadership.
  • Provide consulting services on current and upcoming projects covering all levels IT security architecture.
  • Review of vulnerability and patching analysis reports and management of resolution activities on behalf of business IT to assess risk level and prioritize action.
  • Respond to customer queries in support of the business programs and projects.
  • Manage and respond to Data Privacy and InfoSec support requests from across the business in coordination with the CISO
  • Provide advice and guidance to management and customers.
  • Participate with the Business Relationship Management (BRM) team and Security Working Group supporting the customers.

Required Qualification:

  • Bachelor's degree and minimum 12 years of experience in Information Security, Information Assurance and/or Cyber Security space. Additional relevant experience and professional certifications will be considered in lieu of a degree.
  • Experience in the information security field designing and implementing enterprise security solutions in a global context.
  • Experience working in a global organization and implementing solutions in multiple geographic regions and the requirements in those countries (e.g., China (CSL, PIPL), Brazil, UK (GDPR), etc.)
  • Deep and broad understanding related to security encompassing end point technologies, applications, application hosting, physical and virtual data center hosting.
  • Knowledge of information security management frameworks, e.g., ISO 27001 or NIST CSF.
  • Experience with security practices such as security incident response and risk management.
  • Experience in the design, development, implementation, and operational support of mission critical solutions in large scale environments and organizations.
  • Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.
  • Experience in leading projects leveraging global teams with highly matrixed resources.
  • Must be a critical thinker with strong problem-solving skills.
  • Knowledge and understanding of relevant legal and regulatory requirements.
  • Experience with contract and vendor negotiations.
  • High level of personal integrity, and the ability to professionally handle confidential matters and show an appropriate level of judgment and maturity.
  • High degree of initiative, dependability, and ability to work with little supervision.
  • Ability to think at systems / architecture level I.e. How do all the parts of the solution fit together not just design at element level.
  • Proven ability in security process and organizational design; Current understanding of Industry trends and emerging threats; and knowledge of incident response methodologies and technologies.


Desired Qualification:

  • Advanced degree in applicable field
  • Technical writing-comfortable writing reports for senior management
  • 8+ years of IT security experience working in an infrastructure or security architecture environment.
  • Cyber security risk management experience, e.g., conducting assessments, identifying risks, and recommending solutions.
Significant Work Activities: Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)
Travel: Yes, 10 % of the Time
Job Type: Experienced
Schedule: Full-time

Most recent jobs

Sign up for job alerts

Join our talent network and receive AbbVie news and job alerts to your inbox.

Interested InPlease select a category or location option. Click “Add” to create your job alert.

  • Information Technology, Lake County, Illinois, United StatesRemove

Our Terms of Use, Cookie Policy and Privacy Policy explain how we collect and use information about you and the rights you have. By submitting your information, you acknowledge you have read those documents and consent to receive SMS communications and email jobs alerts from AbbVie.

Recently viewed jobs

You have not viewed any jobs recently.

Phishing scam alert

As an online job seeker, you could be a target of cyber (online) thieves seeking to secure personal information from you by sending you “phishing” messages.

Please be alert to and protect yourself from phishing scams. Find out how you can avoid being a victim of job phishing scams.

For Internal Candidates only - Notice of Filing of Labor Condition Application

Equal Employment Opportunity | Reasonable Accommodation