Abbott Sr. Security Analyst, Product Security in St. Paul, Minnesota
At Abbott, we're committed to helping people live their best possible life through the power of health. For more than 125 years, we've brought new products and technologies to the world -- in nutrition, diagnostics, medical devices and branded generic pharmaceuticals -- that create more possibilities for more people at all stages of life. Today, 99,000 of us are working to help people live not just longer, but better, in the more than 150 countries we serve.
We are seeking an experienced, high caliber Senior Product Security Analyst to be responsible for identifying security risks of developed, marketed and fielded medical devices, including, but not limited to, patient safety and data protection risks. Responsibilities include assisting in implementing a product security program, a Global IT central service offering related to product security. Key responsibilities include customer interactions and responding to customer inquiries regarding security and privacy of our medical devices.
To be successful in this position, this individual should have exceptional written and verbal communication skills, time and project management skills, interpersonal skills, and leadership skills, should be able to take on complex projects and assignments without detailed specifications and provide leadership direction to other personnel as appropriate.
Participate in company-wide product security initiatives as necessary.
Provide directional feedback on medical device security activities and their alignment to organizational goals and objectives, including moving towards security by design.
Respond to customer inquiries related to security and privacy of our medical devices; coordinate across SJM personnel to accurately, efficiently, and consistently respond to inquiries.
Communicate product security messaging throughout the organization, including program updates with Senior Management.
Facilitate external communications related to the security of the medical devices designed, developed, or managed by Abbott.
Coordinate with product marketing to periodically perform analysis around the medical device environment including, but not limited to competitors, key issues, strategies, and industry trends.
Provide information security expertise and assist in incorporating control measures into developing and existing products.
Develop and maintain product security technical documentation for internal and external use.
Develop and maintain technical expertise pertaining to Product Security and effectively transfer knowledge to business and IT team members.
Participate in the development and integration of the Product Security Program across the company, including processes regarding the implementation of security mitigations, responding to customers’ security inquiries, and the consistent handling of security events.
Define, gather, and monitor meaningful metrics necessary for successful implementation and adoption of the product security program.
Participate in the development of a GIT central service offering related to product security and manage associated services as necessary.
Manage and monitor product security remediation efforts to successful completion including the development of supporting evidence and documentation.
Work closely with internal business partners to incorporate security mitigations into new products during research and development phases while driving a continued focus on efficiency.
Determine need and then prepare and deliver audience-targeted product security presentations to continually educate the business community of the risks in the Product Security environment and provide solutions to address or mitigate such risks.
Coordinate and assist with third party engagements including planning activities, review of deliverables, project management, and reporting.
Work with legal and other regulatory and compliance groups to ensure the company is compliant with key laws, regulations, and certifications.
Assist with the coordination of regulatory examinations, including internal and external audits including but not limited to ISO 27001, SOC2, etc.
Attend relevant industry conferences to understand trends and maintain visibility on the industry including new regulations, potential vulnerabilities, and security events.
Develop, maintain, and continually improve documentation for product security policy, standards, procedures, and templates.
BA/BS degree in Computer Science, MIS, Information Assurance, or related field.
4+ years of industry work experience in information security or related role.
CISSP or other industry certifications desired.
Energetic team player with strong initiative, team orientation and good problem solving skills.
Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner, and be able to meet assigned deadlines and service levels.
Demonstrated interpersonal skills, including the ability to listen, resolve problems, deal with unresolved issues, delays and unexpected events, and the ability to effectively communicate and maintain rapport with supported customers.
Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, user).
Able to understand and leverage the IT and business vision and strategy to support solution definition.
Able to professionally represent the Product Security function to key business stakeholders.
An Equal Opportunity Employer
Abbot welcomes and encourages diversity in our workforce.
We provide reasonable accommodation to qualified individuals with disabilities.
To request accommodation, please call 224-667-4913 or email email@example.com