As artificial intelligence (AI) capabilities rapidly expand across the enterprise, this role will also be responsible for incorporating AI usage, governance, and misuse detection into the overall security posture and hygiene strategy. This includes addressing both intentional and unintentional misuse of AI technologies, ensuring that AI-enabled tools, platforms, and workflows are used in accordance with enterprise policies, data protection standards, and ethical guidelines, while minimizing emerging security, privacy, and compliance risks.

Along with ensuring AI ethical guidelines, the Associate Director, AI Security Posture and Hygiene, plays a pivotal leadership role within our organization, steering the strategic direction, design, and implementation of our security posture and hygiene program. This role is at the forefront of enhancing our cybersecurity measures across a diverse and complex infrastructure landscape, including on-premise and cloud models.

By continuously monitoring and remediating security control gaps and leveraging the Center for Internet Security (CIS) Top 18 critical security controls, this position aims to bolster our defenses by improving our hygiene of cybersecurity standards and practices.

This position can be based anywhere remotely/virtually anywhere in the U.S.In this role, you will be responsible for:

• Establish a comprehensive mature security posture and hygiene strategy for artificial intelligence and machine learning technologies, including generative AI, across enterprise environments (on‑premise and cloud).
• Assemble and manage a team dedicated to implementing, assessing, and maturing the CIS Top 18 critical controls and their associated safeguards.
• Develop and execute strategies for continuous monitoring and improvement of security controls and configurations across enterprise systems.
• Ensure the hygiene of security configurations by establishing and enforcing policies, procedures, and standards to prevent unauthorized access, data breaches, and other cyber threats.
• Collaborate with IT, network, and other relevant departments to align security measures with organizational goals and compliance requirements.
• Develop and maintain comprehensive documentation on security controls, assessments, incidents, and improvements.
• Conduct regular assessments to determine the maturity of each security control, identifying areas for improvement and recommending enhancements.
• Foster strong partnerships with technology and domain stakeholders to ensure seamless integration and compliance of security practices across the enterprise.
• Stay abreast of the latest cybersecurity trends, threats, and technologies to adapt and evolve our security strategies accordingly.
• Lead initiatives to educate and train team members and the wider organization on cybersecurity good practices and the importance of a forward-thinking security posture.
• Ensure that all security programs and initiatives adhere to relevant laws, regulations, and policies, continuously updating practices to meet new standards.
• Oversee daily operations, including targeted assessments, risk management, and response strategies, ensuring a high level of security and resilience against cyber threats.
• Build collaborative relationships and partner effectively with business and technology senior leaders.
• Maintain expert-level professional and technical knowledge in relevant domains
• Building metrics and dashboards that will provide stakeholders with actionable insights into the security posture of technologies
• Bachelors Degree and 9 years of experience OR Masters Degree and 8 years of experience OR PhD and 4 years of experience
• Proven leadership in cybersecurity, with extensive experience in managing security posture and hygiene strategies within complex and diverse IT environments
• Experience implementing an AI security program across an enterprise.
• Expert knowledge of operating systems, networking protocols, systems administration, X as a service, applications, and security technologies.
• Expert knowledge and application of cybersecurity terminology, concepts, and the cyber threat landscape and attack vectors.
• Deep understanding of risk management principles and the ability to integrate these into security practices.
• Experience with the CIS Top 18 controls and familiarity with the CIS Controls Implementation Groups (IGs) methodology.
• Demonstrated ability to innovate and adapt in response to a constantly changing environment.
• Advanced critical thinking, problem solving, and analytical skills
• Strong leadership and collaboration skills with business and technical groups.
• Excellent written and verbal communication and listening skills, with the ability to effectively convey technical insights to technical and non-technical stakeholders.
• Demonstrated ability to interface effectively with clients, IT management, and staff.
• A sincere desire to learn, grow, and go beyond personal capabilities, staying abreast of the latest developments in the cybersecurity landscape .
• Professional cybersecurity certifications (e.g., CISSP, CISM, CIS Controls, etc.) are highly desirable.

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:

• The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.

• We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.

• This job is eligible to participate in our short-term incentive programs.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.

Abb Vie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community.  Equal Opportunity Employer/Veterans/Disabled.

US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html

US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:

https://www.abbvie.com/join-us/reasonable-accommodations.html

About Abb Vie

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas including immunology, oncology and neuroscience - and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on LinkedIn, Facebook, Instagram, X and YouTube.