• Product Security Analyst

    Abbott (St. Paul, MN)


    Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 114,000 colleagues serve people in more than 160 countries.

     

    Working at Abbott

     

    At Abbott, you can do work that matters, grow, and learn, care for yourself and your family, be your true self, and live a full life. You’ll also have access to:

     

    + Career development with an international company where you can grow the career you dream of.

    + Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year.

    + An excellent retirement savings plan with a high employer contribution

    + Tuition reimbursement, the Freedom 2 Save (https://www.abbott.com/corpnewsroom/strategy-and-strength/tackling-student-debt-for-our-employees.html) student debt program, and FreeU (https://www.abbott.com/corpnewsroom/strategy-and-strength/college-degree-for-free-its-possible-with-freeu.html) education benefit - an affordable and convenient path to getting a bachelor’s degree.

    + A company recognized as a great place to work in dozens of countries worldwide and named one of the most admired companies in the world by Fortune.

    + A company that is recognized as one of the best big companies to work for as well as the best place to work for diversity, working mothers, female executives, and scientists.

     

    The Opportunity

     

    The **Product Security Analyst** is a high caliber performer responsible for identifying security risks of developed, marketed, and fielded products, including, but not limited to, patient safety and data protection risks. The Product Security Analyst will help build and maintain a product security program that offers services such as: product security risk assessment, security testing, security event handling, metrics & monitoring.

    Responsibilities:

    + In a team environment, support the implementation, integration and maintenance of security technologies enabling security shared services.

    + Develop and maintain technical documentation for internal and external use and effectively transfer knowledge to business and IT team members.

    + Evaluate potential technologies, process flows, and toolset configurations to improve operations and efficiencies of security shared services.

    + Provide end-user support and resolve technical issues.

    + Stay up to date with medical device security industry trends, regulations, and standards/guidance to inform implementation design.

    + Perform all procedures necessary to ensure the safety of information systems and to protect systems from intentional or inadvertent access or destruction.

    + Participate in company-wide product security initiatives as necessary

    + Maintain positive and cooperative communication and collaboration with all levels of employees, customers, contractors, and vendors.

    + Must be able to weigh business needs against security concerns and articulate issues to management.

    + Communicate product security messaging throughout the organization, including program updates with Senior Management.

    + Perform other related duties and responsibilities, on occasion, as assigned

    Required Qualifications:

    Education and Required experience:

    + Bachelor’s degree in computer science, MIS, Information Assurance, or related field. Equivalent combinations of education and work experience may be considered.

    + 2 - 6 years of experience in IT Security/IT Audit/Risk Management, experience with software development/security testing and related **SAST/DAST/SCA/vulnerability scanning tools** is preferred.

    + Strong experience with **Medical device security** industry trends, regulations, and standards/guidance to inform implementation design.

    + Intermediate experience Atlassian JIRA/Confluence and SOAR technology knowledge

    + Must have strong time management skills and an ability to thrive in a high cadence operation

    + Must work well within a tight-knit team environment and be able to work with peers, customers, and partners to support the mission.

    Preferred Qualifications:

    + Ability to obtain industry certifications (i.e., CISSP / CISA / CISM / GIAC Web Application Penetration Tester (GWAPT))

    + History of completing successful cross-functional projects and driving positive compliance outcomes.

    + Knowledge of national and international regulatory compliances and frameworks such as NIST Cybersecurity Framework, ISO 27001, EU DPD, HIPAA/HITECH

    + Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines and service levels.

    + Must have strong time management skills and an ability to thrive in a high cadence operation

    + Must work well within a tight-knit team environment and be able to work with peers, customers, and partners to support the mission.

    + Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, user).

    + Able to understand and leverage the IT and business vision and strategy to support solution definition

    + Able to professionally represent the Security function to key business stakeholders

    + Ability to work in a highly matrixed and geographically diverse business environment.

    + Ability to work within a team and as an individual contributor in a fast-paced, changing environment.

    + Ability to leverage and/or engage others to accomplish projects.

    + Ability to travel approximately 10%, including internationally.

    + Ability to maintain regular and predictable attendance.

    MISC:

    + This is an **onsite role** located in MN location. This is **not** a remote role/opportunity.

    **Learn more about our health and wellness benefits, which provide the security to help you and your family live full lives:** www.abbottbenefits.com (http://www.abbottbenefits.com/pages/candidate.aspx)

     

    Follow your career aspirations to Abbott for diverse opportunities with a company that can help you build your future and live your best life. Abbott is an Equal Opportunity Employer, committed to employee diversity.

     

    Connect with us at www.abbott.com , on Facebook at www.facebook.com/Abbott , and on Twitter @AbbottNews.

     

    The base pay for this position is $60,000.00 – $120,000.00. In specific locations, the pay range may vary from the range posted.

     

    An Equal Opportunity Employer

     

    Abbot welcomes and encourages diversity in our workforce.

     

    We provide reasonable accommodation to qualified individuals with disabilities.

     

    To request accommodation, please call 224-667-4913 or email [email protected]