Product Security Engineer

Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 114,000 colleagues serve people in more than 160 countries.

     

JOB DESCRIPTION:

About Abbott

Abbott is a global healthcare leader, creating breakthrough science to improve people’s health. We’re always looking towards the future, anticipating changes in medical science and technology. 

Working at Abbott

At Abbott, you can do work that matters, grow, and learn, care for yourself and family, be your true self and live a full life. You’ll also have access to:

• Career development with an international company where you can grow the career you dream of .
• Free medical coverage for employees* via the Health Investment Plan (HIP) PPO
• An excellent retirement savings plan with high employer contribution
• Tuition reimbursement, the Freedom 2 Save student debt program and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.
• A company recognized as a great place to work in dozens of countries around the world and named one of the most admired companies in the world by Fortune. 
• A company that is recognized as one of the best big companies to work for as well as a best place to work for diversity, working mothers, female executives, and scientists. 

The Opportunity 

This position works out in Irving Texas in the Diagnostics division.  

We’re empowering smarter medical and economic decision making to help transform the way people manage their health at all stages of life. Every day, more than 10 million tests are run on Abbott’s diagnostics instruments, providing lab results for millions of people.

Abbott Molecular is a leader in molecular diagnostics and the analysis of DNA, RNA, and proteins at the molecular level. 

Our Point of Care diagnostic portfolio spans key heath and therapeutic areas, including infections disease, cardiometabolic, informatics and toxicology. 

Our diagnostic solutions are used in hospitals, laboratories and clinics around the globe. The crucial information derived from our tests, instruments and informatics systems are often the first step in patient care decision making for hundreds of health conditions from heart attacks to blood disorders to infectious diseases and cancers.

Our rapid diagnostics solutions are helping address some of the world’s greatest healthcare challenges. 

What You’ll Work On

The Product Security Engineer will serve as a Cybersecurity Subject Matter Expert (SME) for our Cloud-Based software applications as well as a software engineer for our embedded Medical Device software.  They will work closely with product development in the design, implementation, and maintenance of secure software applications in the cutting-edge medical and non-medical software applications. They will evaluate incoming cybersecurity signals, assess the impact to on-market products and provide responses and documentation updates in compliance with our security policies and standards.  For new products and software updates, they will be participating in the design and development activities with focus on cybersecurity – threat modeling, secure design, implementation, and documentation. 

Key performance indicators for this role include assessing and maintaining compliance to security policies and standards, timely provisioning of product security assessments, and support for auditing of our secure product lifecycle for the portfolio of products. The role requires the ability to work in an environment that is fast paced, to work independently, and to apply the latest security design and tooling strategies available. 

• Responsible for ensuring products are safe, secure, and are compliant with division, corporate, and industry regulation and meet customer and patient security expectations. 
• Works within an agile, collaborative, multi-discipline environment to produce compliant and secure products.   
• Identifies cybersecurity risks, vulnerabilities, and assists in concepting and delivering mitigating functionalities.   
• Perform vulnerability assessments - analyze impact of vulnerabilities on software and develop/implement mitigations 
• Perform threat analysis/modeling, gap analysis, and security for on-market and in-development products 
• Owns the product cybersecurity deliverables and process compliance. Capable of following and cybersecurity processes, methods, techniques, and tools and assuring their consistent application. 
• Stay abreast of changes in the business and product environment as well as the evolving regulatory and threat landscape 
• Supporting certifications as application SME for explaining the designing and implementation of security controls  
• Ability to articulate technical discussions to a variety of internal, external, and customer stakeholder groups 
• Develops software code functions and testing for IOT systems. Participates in project teams
• Participates in establishing technology-specific vision and strategy and processes 
• Participates in the development of Abbott Security policies as applicable to area of expertise 

EDUCATION AND EXPERIENCE YOU’LL BRING

Qualifications:

• BA/BS Degree in Engineering, Computer Science, MIS, Telecommunications or related field. 
• 4 – 8 years IT experience with Fortune 500 company; 5+ years of experience in secure product development lifecycle engineering strongly desired.  

Preferred Qualifications

• Previous work experience in a product cybersecurity role is preferred 
• Strong understanding of product cybersecurity and the relationship between threat, vulnerability, and potential customer risk. 
• Azure Certifications preferred, minimally has a strong history working with cloud hosted applications. 
• Hands-on security experience with various technologies, such as Docker, Kubernetes, Terraform 
• Experience in Object-Oriented Design and Development in C++, Java or Javascript  
• Understanding of industry standards such as HITRUST, NIST Cybersecurity Framework, FedRAMP, RMF, IMDRF, TIR-57 Principles for medical device security risk management, etc. 
• Experience with secure configuration/hardening of systems 
• ISC2 CCSP Certified Cloud Security Professional, or CCNA Cyber Ops is desirable.  Certifications such as CISA, CISM, CRISC, CISSP, CPP, CFE or SANS are preferred 
• Experience in cryptographic standards and methods and detailed knowledge of cryptographic key management preferred 
• Experience in Atlassian suite – JIRA, Bitbucket and Confluence preferred  

Learn more about our health and wellness benefits, which provide the security to help you and your family live full lives:  www.abbottbenefits.com  

Follow your career aspirations to Abbott for diverse opportunities with a company that can help you build your future and live your best life. Abbott is an Equal Opportunity Employer, committed to employee diversity.

Connect with us at www.abbott.com, on Facebook at www.facebook.com/Abbott and on Twitter @AbbottNews and @AbbottGlobal.

     

The base pay for this position is

$72,700.00 – $145,300.00

In specific locations, the pay range may vary from the range posted.

     

JOB FAMILY:

Product Development

     

DIVISION:

CRLB Core Lab

        

LOCATION:

United States > Irving : LC-02

     

ADDITIONAL LOCATIONS:

     

WORK SHIFT:

Standard

     

TRAVEL:

Yes, 5 % of the Time

     

MEDICAL SURVEILLANCE:

Not Applicable

     

SIGNIFICANT WORK ACTIVITIES:

Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day), Keyboard use (greater or equal to 50% of the workday)

     

Abbott is an Equal Opportunity Employer of Minorities/Women/Individuals with Disabilities/Protected Veterans.

     

EEO is the Law link - English: http://webstorage.abbott.com/common/External/EEO_English.pdf

     

EEO is the Law link - Espanol: http://webstorage.abbott.com/common/External/EEO_Spanish.pdf