Abbott Info Sec Specialist, - Incident Response in St. Paul, Minnesota

At Abbott, we're committed to helping people live their best possible life through the power of health. For more than 125 years, we've brought new products and technologies to the world -- in nutrition, diagnostics, medical devices and branded generic pharmaceuticals -- that create more possibilities for more people at all stages of life. Today, 99,000 of us are working to help people live not just longer, but better, in the more than 150 countries we serve.

Abbott is seeking a Cybersecurity Incident Response professional to work on the global Cyber Incident Response Team (CIRT). CIRTs primary function is to provide continuous security monitoring, triage, investigative response, threat containment and remediation for Abbott as well as contributing to the continuous improvement of Abbott's overall cybersecurity posture.

  • Monitors and responds to security events by taking the necessary course of action such as identifying, containing, eradicating, remediating, extracting indicators, disseminating IOCs to supporting teams.

  • Analyzes computing environments to determine vulnerabilities, recommends safeguards to mitigate risk, and performs compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures.

  • Performs Incident Handling duties and coordinates with business and application owners to contain and remediate security incidents.

  • Maintains security infrastructure & cyber-security operations to mitigate identified risks, to meet business objectives, and to meet regulatory requirements.

  • Works with security technologies and tools, such as SIEM, IDS/IPS, Malware Analysis platforms, logical access controls, packet capture, endpoint detection and response (EDR), and security operations management systems, in order to support security across the enterprise.

  • Submits content tuning requests to improve alert fidelity and reduce false positives

  • Automates manual tasks through technology integrations using APIs and scripting

  • Performs project leadership tasks on select security projects and supports new security project evaluations.

  • Provides assistance, guidance, support, & remediation of security architectural/ technical issues to both the business and internal IT.

  • Supports security audit information gathering, review, & remediation.

  • Continually reviews and enhances existing knowledge of the security aspects of common product sets and technologies.

General Qualifications

  • 3+ years of experience working in an Information Security environment.

  • Experience in supporting cyber-security incident response, and providing analysis of cyber-security events required.

  • GIAC (GCIH, GSEC, GCFA, GREM), OSCP or equivalent certification preferred.

  • Bachelor’s degree preferred but will consider applicable work experience as it translates to an equivalent degree.

  • Experience with programming and scripting languages, preferably Python and PowerShell.

  • Experience working in a large enterprise/cross-division business unit model preferred.

  • Exceptional written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.

  • Must have strong time management skills and an ability to thrive in a high cadence operation.

  • Ability to maintain regular and predictable attendance and be on call during high impact cyber incidents.

An Equal Opportunity Employer

Abbot welcomes and encourages diversity in our workforce.

We provide reasonable accommodation to qualified individuals with disabilities.

To request accommodation, please call 224-667-4913 or email corpjat@abbott.com