Offers “Abbott”

Expires soon Abbott

Principal Security Engineer

  • Internship
  • Paul (Minidoka)
  • Infra / Networks / Telecom

Job description

Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 103,000 colleagues serve people in more than 160 countries.

JOB DESCRIPTION:

Job Summary:

The Principal Security Engineer participates in security design and engineering efforts related to infrastructure and security systems maintained by Product Technology. The Principal Security Engineer is responsible for day to day security operations of security systems, participating and leading security exercises, participating in threat modeling and risk assessments, participating in audits, and conducting Blue Team activities associated to the environments maintained by Product Technology.

Job Duties:

  • Owns and manages security technologies and tools such as SIEM, IDS/IPS, WAF (F5 ASM), logical access controls, NGFWs (Palo Alto and Cisco ASA), and security operations management systems in order to support security within the Product Technology IT environment
  • Supports internal periodic Product Technology IT security and compliance reviews, including information and evidence gathering, data review, & remediations to ensure infrastructure and security systems are operating in accordance with established policies and procedures
  • Supports 3rd party security audit information gathering, findings reviews, & remediation coordination
  • Assists with account and access management reviews (Periodic Access Reviews)
  • Assists application teams with troubleshooting activities related to security systems and works with security administrators and analysts for any identified issues
  • Maintains security infrastructure & cyber-security operations through security system patching, signature deployment, and other related activities to mitigate identified risks, to meet business objectives, and to meet regulatory requirements
  • Assists with responding to security events that are escalated via the Product Technology SOC to Product Technology Security Operations
  • Submits content tuning requests to SOC in order to improve alert fidelity and/or reduce false positives
  • Analyzes logs related to network traffic and web application firewall events to determine areas for improvement, recommends safeguards to mitigate risk, and performs compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures
  • Is an escalation point for Product Technology SOC for Incident Handling duties and participates along with business and application owners to contain and remediate security incidents
  • Documents system configurations and provides input into related standard operating procedures
  • Documents system and application data flows and maps security controls to said flows
  • Complies with U.S. Food and Drug Administration (FDA) regulations, other regulatory requirements, Company policies, operating procedures, processes, and task assignments. Maintains positive and cooperative communications and collaboration with all levels of employees, customers, contractors, and vendors.
  • Performs other related duties and responsibilities, on occasion, as assigned

Qualifications:

  • Detailed understanding of security concepts and principles
  • Interest in administrating security systems, including Intrusion Prevention Systems such as Palo Alto vulnerability protection and Cisco's FirePOWER Services
  • Familiarity with Web Application Security with willingness to learn and become system owner/SME
  • Extensive experience connecting to networking and security systems and pulling configuration information
  • Experience connecting to Linux and Windows operating systems
  • Extensive experience designing and implementing security systems and controls
  • Familiarity with Public Key Infrastructure (PKI)
  • Familiarity with Cryptography
  • Familiarity with REST APIs
  • Familiarity with scripting and automation
  • Familiarity with SIEM systems or other centralized log management solutions, preferably Splunk
  • Familiarity with risk assessments and threat modeling
  • Experience collecting and correlating information
  • Experience working through change management processes and ticket management
  • Must have experience with office applications such as Outlook, PowerPoint, Word, Excel, and Visio
  • Must be flexible with working hours during critical deliveries and operational issues
  • Strong verbal and written English communication skills are required for this role
  • Ability to take initiative and operate semi-independently at times
  • Ability to travel approximately 10%
  • Ability to maintain regular and predictable attendance

Minimum Qualifications:

  • Bachelors degree in STEM or Equivalent experience
  • 7+ years of IT experience

JOB FAMILY:

IT Operations

DIVISION:

GIS Global Information Services

LOCATION:

United States > Minnesota > St. Paul > Lillehei : One Lillehei Plaza

ADDITIONAL LOCATIONS:

WORK SHIFT:

Standard

TRAVEL:

Yes, 10 % of the Time

MEDICAL SURVEILLANCE:

No

SIGNIFICANT WORK ACTIVITIES:

Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day), Keyboard use (greater or equal to 50% of the workday)

Abbott is an Equal Opportunity Employer of Minorities/Women/Individuals with Disabilities/Protected Veterans.

EEO is the Law link - English: http://webstorage.abbott.com/common/External/EEO_English.pdf

EEO is the Law link - Espanol: http://webstorage.abbott.com/common/External/EEO_Spanish.pdf

Make every future a success.
  • Job directory
  • Business directory