JOB DESCRIPTION:

Senior Product Cybersecurity Analyst

About Abbott

Abbott is a global healthcare leader, creating breakthrough science to improve people’s health. We’re always looking towards the future, anticipating changes in medical science and technology.

Working at Abbott

At Abbott, you can do work that matters, grow, and learn, care for yourself and family, be your true self and live a full life. You will have access to:

Career development with an international company where you can grow the career you dream of .

A company recognized as a great place to work in dozens of countries around the world and named one of the most admired companies in the world by Fortune.

A company that is recognized as one of the best big companies to work for as well as a best place to work for diversity, working mothers, female executives, and scientists.

The Opportunity

This is a global role based in Bogotá, Colombia.

The Product Security Testing Analyst will be responsible for identifying and evaluating information security risks relevant to existing and future medical device products and providing security requirements and recommendations for mitigating such risks. Responsibilities include assisting in defining set of security requirements, evaluating ongoing risk and vulnerabilities through scanning and testing techniques and recommending security measures for Abbott.

What You’ll Do

The Senior Product Cybersecurity Analyst

is responsible for identifying cybersecurity risks of developed, marketed, and fielded products, including, but not limited to, patient safely and data protection risks. The Product Security Analyst will help maintain a product security program that offers services such as:product security risk assessment, security testing, security event handling, metrics & monitoring, external communications, staffing, security standards and compliance, audit support, and education and training working with Quality management systems in a regulated industry.

Develop and maintain product cybersecurity standards and other documents as deemed necessary. Specific tasks may include analyzing existing requirements, reviewing and mapping applicable regulations and cybersecurity frameworks, collaborating with divisional compliance teams, working with impacted stakeholders to complete documentation updates.

Executing control monitoring activities which may include annual planning, walkthroughs and** testing** of specific controls, and status reporting.

Maintain product cybersecurity control framework in alignment with various security industry frameworks (e.g., ISO27K, NIST 800-53, etc.), regulatory requirements (e.g., FDA pre/postmarket cybersecurity guidance), and internal Abbott policies. Specific activities may include review and analysis of existing controls against Abbott and regulatory requirements, creating test plans, communicating control framework to stakeholders, etc.

Assist with execution of the product maturity assessments. Activities may include coordination of internal assessments, working with product teams to complete questionnaires, reporting, etc.

May coach or provide guidance to lower-level security professionals

Participate in company-wide product security initiatives, as necessary.

Develop and effectively execute project plans, work breakdown, structure, and task dependencies, communication plans, etc. as needed.

Prepare internal customers and business partners and guide them through cybersecurity audits

Communicate product security messaging throughout the organization, including program updates with Senior Management.

Provide strategic perspective and alignment, lead governance and training efforts, and contribute to various methodologies in use.

Maintain positive and cooperative communications and collaboration with all levels of employees, customers, contractors, and vendors.

Perform other related duties and responsibilities, on occasion, as assigned.

Required Qualifications

BA/BS or higher in Information Security, Risk or IT Management, Computer Science, or related field; or equivalent experience.

6 years of Information Security/IT/Audit/Consulting experience is required

Certifications such as CISA, CISM, CRISC, CISSP, GSEC, Security+, CPP or CFE are preferred

Knowledge of regulatory and industry compliance frameworks such as NIST Cybersecurity Framework, NIST 800-53, ISO 27001, EU DPD, HIPAA/HITECH, etc.

History of completing successful cross-functional projects and driving positive compliance outcomes.

Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines and service levels.

Must have strong time management skills and an ability to thrive in a high cadence operation

Must work well within a tight-knit team environment and be able to work with peers, customers, and partners to support the mission.

Preferred Qualifications

Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, business user).

Experience with maintaining cybersecurity standards is preferred.

Experiences in audit and/or consulting background is preferred.

Experience with control monitoring activities which may include walkthroughs and** testing** of specific controls.

Experience working within a cybersecurity or IT function requiring acumen in technical systems

Experience with Quality management systems in a regulated industry.

Apply now

Follow your career aspirations to Abbott for diverse opportunities with a company that can help you build your future and live your best life. Abbott is an Equal Opportunity Employer, committed to employee diversity.

Connect with us at www.abbott.com, on Facebook at www.facebook.com/Abbott and on Twitter @Abbott News and @Abbott Global.

The base pay for this position is

N/A
In specific locations, the pay range may vary from the range posted.

JOB FAMILY:

Information Risk & Quality Assurance:

DIVISION:

BTS Business Technology Services:

LOCATION:

Colombia > Bogota : Building II

ADDITIONAL LOCATIONS:

WORK SHIFT:

Standard

TRAVEL:

No

MEDICAL SURVEILLANCE:

No

SIGNIFICANT WORK ACTIVITIES:

Not Applicable