AbbVie’s mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas: immunology, oncology, neuroscience, eye care, virology, women’s health and gastroenterology, in addition to products and services across its Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, YouTube and LinkedIn.
Information Security Architect - Industrial Control Systems
Lake County, IllinoisReq ID 2206976Category Information TechnologyDivision AbbVie
AbbVie’s Information Security team is seeking a candidate to join an exciting, high-performing organization. The Information Security Industrial Control Systems (ICS) Architect, working within AbbVie’s enterprise-wide information security team, will be responsible for collaborating with engineering and automation business areas to design secure methods and systems to enable our manufacturing facilities. The Information Security team is looking for a highly motivated, self-driven individual that is never satisfied with the status quo.
Ideal candidates will have an in-depth understanding of cyber security and technical architectural standards, including network design and operational technology system security. The ICS architect will apply IT-centric security practices to the ICS environment, partnered with ICS team members. The ICS Architect must be able to provide consulting services to the manufacturing teams, including guidance around leveraging secure architectural models and solutions. Candidates must have the ability to discuss and present security (vision, design, deploy) to different levels of leadership.
This candidate will also be a key member of project teams for implementation and improvements in the manufacturing environment, including the design and implementation of enterprise security services into and around manufacturing systems and technologies.
Major Duties and Responsibilities:
Collaborate with manufacturing teams to understand business needs and constraints, identifying workable security solutions to support business challenges
Collaborate with manufacturing technology leaders to drive or participate in initiatives to more closely integrate manufacturing tools and services
Provide guidance around architectural security solution to support the maturation of manufacturing operations
Assist incident response team in responding to cyber incidents on the manufacturing systems
Provide network and system specification documentation deliverables to address cybersecurity vulnerabilities and the security controls necessary in mitigate the vulnerabilities to an acceptable level of risk
Monitor the current state of security in the ICS environment and determine the applicability to AbbVie to develop action plans and strategic direction.
Development of architectural reference models and design patterns for the operational technology environment.
Experience and Skills
of experience required in cybersecurity and/or a combination of information technology engineering, auditing, and/or cybersecurity
Strong written and verbal communication skills
ICS network design experience and understanding of different industrial control security frameworks (i.e. Purdue model)
Information security qualification such as CISSP (or equivalent experience) is preferred
Experience in network design and system configuration to include firewalls, protocols, ports, VLANs, VMs, and route configuration.
Proven experience delivering facility design or design-build projects, served as a project team’s cybersecurity consultant and designer to facilitate reliable, safe, and secure network and system designs
An understanding of data networks and protocols, both in IT and ICS/OT spaces
A deep understanding of cybersecurity challenges and risk in the ICS/OT space and solutions to mitigate them is preferred
Functional knowledge and experience with systems in pharmaceuticals or other healthcare regulated sectors is preferred
Building consensus and impacting outcomes with authority and ability to negotiate trade off decisions across the organization
It is preferred if the candidate has held a cybersecurity and ICS focused role, participated in or led cybersecurity centric ICS initiatives, and/or worked with industrial control systems and networks
Significant Work Activities: Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)