Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 115,000 colleagues serve people in more than 160 countries.
JOB DESCRIPTION:
Working at Abbott
At Abbott, you can do work that matters, grow, and learn, care for yourself and your family, be your true self, and live a full life. You’ll also have access to:
- Career development with an international company where you can grow the career you dream of.
- Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year.
- An excellent retirement savings plan with a high employer contribution
- Tuition reimbursement, the Freedom 2 Save student debt program, and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.
- A company recognized as a great place to work in dozens of countries worldwide and named one of the most admired companies in the world by Fortune.
- A company that is recognized as one of the best big companies to work for as well as the best place to work for diversity, working mothers, female executives, and scientists.
The Opportunity
The Director, Product Cybersecurity reports to the Enterprise and Product Cybersecurity Director. The Product Cybersecurity role is responsible for assisting and ensuring Abbott Products are safe and secure and to build products that are compliant with industry regulation and meet customer and patient security expectations. The Product Cybersecurity role will be a key point of contact for CoreDx division. This candidate will be responsible for:
- Divisional cybersecurity process Subject Matter Expert (SME) for multiple Abbott Organizations and Process Owner
- Cybersecurity for Medical and Non-medical products
- Cybersecurity Product Inventory
- Cybersecurity Risk and Vulnerability Management and Process
- Identification of Cybersecurity requirements for Suppliers and Distributors
- Providing Cybersecurity input to internal and external communications
- Conducting Cybersecurity Incident Response Tabletop Exercises
- Conducting Cybersecurity Oversight Committee Meetings to inform Executive Leadership of Cybersecurity Initiatives, Goals, and areas of interest.
- Assessment of Cybersecurity regulations for impact to CoreDx products
What You’ll Work On
- Maintain divisional compliance with applicable Corporate and Divisional Policies and procedures including training.
- Maintain divisional compliance with applicable US and International Regulations, gathering cross-functional expertise when needed.
- Collaborate with division cross-functional teams to develop and maintain product cybersecurity risk management and vulnerability management processes and procedures and create and maintain a Secure Product Lifecycle process.
- Lead and support product teams with product cybersecurity to include risk assessments, threat modeling, vulnerability management, cybersecurity deliverables and mitigation plans.
- Process and technical support for commercial deployments of products worldwide to include into restricted (e.g. China, Russia) environments, ensuring compliance with regional cybersecurity and data protection requirements.
- Build and maintain relationships with internal stakeholders, external partners, and customers to enable successful execution of the division product and enterprise cybersecurity program.
- Serve as a trusted advisor and effectively communicate cybersecurity risks with technical and non-technical internal and external stakeholders, including senior leadership.
- Ensures that user community understands and adheres to necessary procedures to maintain security.
- May require familiarity with identity and access management (IAM), domain structures, user authentication mechanisms, network security controls, including firewalls, intrusion detection/prevention systems (IDS/IPS), secure network architecture, internet protocols and digital certificate/signing solutions.
- Balance business objectives with cybersecurity risks by providing risk-based recommendations and clearly articulating trade-offs to leadership for informed decision-making.
- Lead, mentor, and develop cybersecurity professionals, providing coaching, technical guidance, and career development support across the team.
Required Qualifications
- BA/BS in Business, Engineering, Computer Science, or related disciplines. Master’s degree is desirable.
- Overall 10+ years’ experience with 5+ years of experience working in Engineering, Cyber support, or Product support.
- Strong understanding of Customers, Product Cybersecurity and the relationship between threat, vulnerability and potential customer risk in the context of risk management.
- Understanding medical product safety risk and the relationship with product Cybersecurity risk
- Familiarity with FDA and other countries Regulatory bodies on Cybersecurity guidelines for medical devices and corporate enterprise network
- Familiarity with design of diagnostic medical devices is a plus
- Understanding industry standards such as the NIST Cybersecurity Framework, FedRAMP, RMF, TIR-57 Principles for medical device security risk management, etc.
Preferred Qualifications:
- Previous work experience in a Product role
- Previous work experience in a regulated environment
- Experience with medical device certifications from government agencies is preferred
- Certifications such as CISA, CISM, CRISC, CISSP, CPP or CFE are preferred
- Knowledge of the latest methodologies for enterprise and product cybersecurity risk assessment and vulnerability management and technologies and tools used within the security domain is desired
- Effective Communication skills and collaboration skills.
Apply Now
- Learn more about our health and wellness benefits, which provide the security to help you and your family live full lives: www.abbottbenefits.com
- Follow your career aspirations to Abbott for diverse opportunities with a company that can help you build your future and live your best life. Abbott is an Equal Opportunity Employer, committed to employee diversity.
- Connect with us at www.abbott.com, on Facebook at www.facebook.com/Abbott, and on Twitter @AbbottNews.
The base pay for this position is
$149,300.00 – $298,700.00
In specific locations, the pay range may vary from the range posted.
JOB FAMILY:
Information Risk & Quality Assurance
DIVISION:
BTS Business Technology Services
LOCATION:
United States > Irving : LC-02
ADDITIONAL LOCATIONS:
United States > Lake Forest : CP01
WORK SHIFT:
Standard
TRAVEL:
Yes, 10 % of the Time
MEDICAL SURVEILLANCE:
Not Applicable
SIGNIFICANT WORK ACTIVITIES:
Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)
Abbott is an Equal Opportunity Employer of Minorities/Women/Individuals with Disabilities/Protected Veterans.
EEO is the Law link - English: http://webstorage.abbott.com/common/External/EEO_English.pdf
EEO is the Law link - Espanol: http://webstorage.abbott.com/common/External/EEO_Spanish.pdf