Cyber Security Operations Manager – Attack Surface Management

United States - Abbott Park : AP14/A/B, United States

Full Time Mid-level / Intermediate USD 97K - 194K

Abbott

Innovative medical devices and health care solutions for cardiovascular health, diabetes management, diagnostic testing, nutrition, chronic pain and more.

View all jobs at Abbott

Apply now Apply later

Posted 19 hours ago

Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 114,000 colleagues serve people in more than 160 countries.

JOB DESCRIPTION:

At Abbott, you can do work that matters, grow, and learn, care for yourself and your family, be your true self, and live a full life. You’ll also have access to:

Career development with an international company where you can grow the career you dream of.
Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year.
An excellent retirement savings plan with a high employer contribution
Tuition reimbursement, the Freedom 2 Save student debt program, and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.
A company recognized as a great place to work in dozens of countries worldwide and named one of the most admired companies in the world by Fortune.
A company that is recognized as one of the best big companies to work for as well as the best place to work for diversity, working mothers, female executives, and scientists.

The Opportunity:

Abbott is looking for a Cyber Security Operations Manager – Attack Surface Management (CSOM – ASM), will lead and develop a key element of the ASM program (Secure Baseline Implementation) driving excellence for the organization’s attack surface management program. Reporting to the Sr Manager Cyber Security Operations, the CSOM – ASM will be responsible for the successful operation of a program element which has global reach across all of Abbotts business divisions and forms a critical component of the organization’s cyber security program.

The role will require a self-starter with a proven ability to lead. The CSOM – ASM should be capable of working in a complex process driven environment with significant on prem and cloud footprint in what is a quality driven organization working in a highly regulated industry. The CSOM – ASM will be required to be comfortable working in a matrix organization due to the global nature of the ASM programs.

What You'll Work On:

Act as the SME on the ASM program for the cyber operations team within Abbott.
Enterprise Cyber Security Point of Contact for other Divisional Cyber Security Teams in relation to the ASM and ASM program.
Acts as subject matter expert for the team in relation to the selection of additional tools to enhance the current ASM program capabilities.
Supports the organizations move towards a risk-based vulnerability management program.
Drives reduction of organizational risk through vulnerability remediation. Responsible for compliance with applicable Corporate and Divisional Policies and procedures
Identify opportunities for improvement to the organizations ASM program both in terms of process and tools used.
Ensures the development of the ASM Team in terms of capabilities and maturity.
Manages change to the organizations ASM program for both processes and tools.
Manages the ASM interface into enterprise or cyber security initiatives ensuring quality of service to stakeholders.

Engage with stakeholders within different parts of the business to communicate technical topics to non-technical stakeholders.
Ability to consume large datasets to ensure that risks are identified in a timely manner.
Visualize process architecture and make accurate decisions in rapidly evolving situations.
Acquire and manage the necessary resources, including leadership support, financial resources, and key security personnel, to support ASM program goals and objectives.
Design and documentation of processes.

EDUCATION AND EXPERIENCE, YOU’LL BRING

Required Qualifications:

5 – 6 years’ work experience preferably with experience in a large-scale attack surface management / vulnerability management team
Knowledge of national and international regulatory compliances and frameworks such as NIST Cybersecurity Framework, ISO 27001, EU DPD, HIPAA/HITECH
Demonstrated experience of working in a Matrix organization covering differing geographic areas on time zones.
Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner and be able to meet assigned deadlines and service levels.
Must have strong time management skills and an ability to thrive in a high cadence operation.
Must work well within a tight-knit team environment and be able to work with peers, customers, and partners to support the mission.

Education

BA/BS or higher in Information Security, Risk or IT Management, Computer Science, or related field; or equivalent experience.
Certifications such as CISM, CISSP, CEH, OSCP will be preferred.

Preferred Qualifications:

Knowledge of computer networking concepts and protocols, and network security methodologies.
Knowledge of cyber threats and vulnerabilities.
Knowledge of threat vectors and how they would contribute to risk-based decision making in assessing vulnerabilities.
Knowledge of specific operational impacts of cybersecurity lapses.
Knowledge of host/network access control mechanisms (e.g., access control list, capabilities lists).
Knowledge of different classes of attacks (e.g., passive, active, insider, close-in, distribution attacks).
Knowledge of Vulnerability criticality rating methodologies
Cyber attackers (e.g., script kiddies, insider threat, non-nation state sponsored, and nation sponsored).
Cyber-attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
Network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
Cloud technologies and platforms.
Risk-based vulnerability methodologies.
Business processes in relation to how Cyber Security Operations can impact on these.
An understanding of how the organizations attack surface influences 3rd party organizational assessments of Abbott.
Experience with Vulnerability scanning tools like Qualys, etc

Supervisory responsibilities:

Manage direct reports to drive the success of the organizations ASM programs.
Manage the onboarding of internal customers to the ASM program

MISC:

This is an onsite role located in IL/MN locations. This is NOT a remote role/opportunity.
It requires some international travel from time to time (Est 10%).

Apply Now

Learn more about our health and wellness benefits, which provide the security to help you and your family live full lives: www.abbottbenefits.com

Follow your career aspirations to Abbott for diverse opportunities with a company that can help you build your future and live your best life. Abbott is an Equal Opportunity Employer, committed to employee diversity.

Connect with us at www.abbott.com, on Facebook at www.facebook.com/Abbott, and on Twitter @AbbottNews.

The base pay for this position is

$97,300.00 – $194,700.00

In specific locations, the pay range may vary from the range posted.