Abbott Senior Incident Response Analyst in St. Paul, Minnesota
At Abbott, we're committed to helping people live their best possible life through the power of health. For more than 125 years, we've brought new products and technologies to the world -- in nutrition, diagnostics, medical devices and branded generic pharmaceuticals -- that create more possibilities for more people at all stages of life. Today, 99,000 of us are working to help people live not just longer, but better, in the more than 150 countries we serve.
Abbott is seeking a Cybersecurity Incident Response professional to work on the global Cyber Incident Response Team (CIRT). CIRTs primary function is to provide continuous security monitoring, triage, investigative response, threat containment and remediation for Abbott as well as contributing to the continuous improvement of Abbott's overall cybersecurity posture.
The Incident Response Analyst will:
Monitor and respond to security events by taking the necessary course of actions such as identifying, containing, eradicating, remediating, extracting indicators, disseminating IOCs to supporting teams.
Analyze computing environments to determine vulnerabilities, recommend safeguards to mitigate risk, and perform compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures.
Perform Incident Handling duties and coordinate with business and application owners to contain and remediate security incidents.
Maintain security infrastructure & cyber-security operations to mitigate identified risks, to meet business objectives, and to meet regulatory requirements.
Utilize security technologies and tools, such as SIEM, IDS/IPS, Malware Analysis platforms, logical access controls, packet capture, endpoint detection and response (EDR), and security operations management systems, in order to support security across the enterprise.
Submit content tuning requests to improve alert fidelity and reduce false positives
Automate manual tasks through technology integrations via scripting and orchestration of playbooks
Perform project leadership tasks on select security projects and supports new security project evaluations.
Provide assistance, guidance, support, & remediation of security architectural/ technical issues to both the business and internal IT.
Support security audit information gathering, review, & remediation.
Continually review and enhance the existing knowledge of the security aspects of common product sets and technologies.
5+ years of experience working in an Information Security environment.
Experience in supporting cyber-security incident response, threat hunting, cyber threat intelligence and content development/tuning.
GIAC (GCIH, GSEC, GCFA, GREM) OSCP, CISSP or equivalent certification preferred.
Bachelor’s degree preferred but will consider applicable work experience as it translates to an equivalent degree.
Experience with programming and scripting languages, preferably Python and PowerShell.
Experience working in a large enterprise/cross-division business unit model preferred.
Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.
Must have good time management skills and an ability to thrive in a high cadence operation.
Be available for on-call duty to handle high-impact cybersecurity incidents.
Demonstrate a passion for information security beyond the workplace.
An Equal Opportunity Employer
Abbot welcomes and encourages diversity in our workforce.
We provide reasonable accommodation to qualified individuals with disabilities.
To request accommodation, please call 224-667-4913 or email firstname.lastname@example.org