Cyber Threat Engineer

United States - Minnesota - St. Paul - Lillehei : One Lillehei Plaza, United States

Abbott

Innovative medical devices and health care solutions for cardiovascular health, diabetes management, diagnostic testing, nutrition, chronic pain and more.


Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 114,000 colleagues serve people in more than 160 countries.

     

JOB DESCRIPTION:

Working at Abbott

At Abbott, you can do work that matters, grow, and learn, care for yourself and family, be your true self and live a full life. You’ll also have access to:

  • Career development with an international company where you can grow the career you dream of.

  • Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year

  • An excellent retirement savings plan with high employer contribution

  • Tuition reimbursement, the Freedom 2 Save student debt program and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.

  • A company recognized as a great place to work in dozens of countries around the world and named one of the most admired companies in the world by Fortune.

  • A company that is recognized as one of the best big companies to work for as well as a best place to work for diversity, working mothers, female executives, and scientists.

The Opportunity

This position is based in our Lillehei, MN location, within the GIS-Global Information Services, Cyber Threat Engineering Team. The expectation is that the employee will work from this office five days a week.

As a Cyber Threat Engineer with a multi-area focus (detection, automation, integrations), you will have the opportunity to investigate the techniques and tactics employed by threat actors when compromising networks and systems. You will assist with cybersecurity network device deployments and other ongoing projects that help secure Abbott's systems and networks. It is essential for this role that the employee collaborates with the Cyber Threat Engineering team and Incident Response Team in the development of Splunk Risk Rules, Risk-Based Alerting (RBA), and creating detections or scripts used to detect threat activity within our global corporate and manufacturing networks. This role will provide administrative and technical guidance within the Cyber Threat Engineering team on all sensors and technologies and will support cross-functional departmental briefings as well as other briefings as deemed necessary.

What You’ll Work On

  • You will participate with Abbott interdepartmental and cross-functional teams to understand the organizational cybersecurity sensors and cybersecurity posture.

  • You will provide guidance and input in the development of detections, automations, and operational technologies in support of departmental responsibility areas. Investigate deployed sensors and detection and prevention capabilities to ensure we are fully capitalizing on our technological capabilities, including but not limited to the available data, Application Programming Interface capabilities, and automations.

  • Assist in integration with XSOAR, AI and machine learning, and automation tools.

  • You will join the Cyber Threat Engineering team in supporting the Incident Response Team during significant cyber events within the Abbott enterprise.

Additional Essential Role Areas

  • Ability to search and assist in building detections with Splunk Search Processing Language (SPL) for multiple sensors (Firewall, IDS/IPS, Endpoint Protection, Proxy, and more) incorporating the MITRE ATT&CK Model. Partake in Star Custom Rule Creation (EDR) and/or any other scripts.

  • Proactively research Digital Forensics and Incident Response reports from a wide variety of sources. Build detections for cyber-based threats and risks, both current and future, creating and deploying detections as needed. Detections are not limited to Splunk or our EDR/XDR tools.

  • Automate manual tasks through technology integrations via scripting and orchestration of playbooks and the XSOAR platform.

  • Participate in cross-team functions and assist and advise team members and participants to achieve defined security goals and meet technical requirements in support of detailed implementation plans for security projects.

  • Develop response strategies and technical support documents, summaries, reports, presentations, and other designated products.

  • Support the advancement of Abbott’s Cybersecurity Operations program to ensure consistent detection, analysis, response, and monitoring of cybersecurity threats, including actors, campaigns, and vulnerabilities.

Required Qualifications

  • B.S. in Computer Science or equivalent experience.

  • Expert-level use of Splunk Search Processing Language and Splunk Risk-Based Alerting.

Preferred Qualifications

  • GIAC (GCIH, GSEC, GCFA, GREM), OSCP or equivalent certifications preferred.

  • 5+ years of experience directly related to the area of incident response, digital forensics, malware analysis, threat hunting, cyber threat intelligence, or content development/tuning.

  • Experience with programming and scripting languages, preferably Python and PowerShell.

  • Strong written and verbal communication skills; must be able to effectively communicate to all levels of staff up to executive-level management, customers (internal and external), and vendors.

  • Be available for on-call duty to assist in high-impact cybersecurity incidents.

  • Be driven for personal development through security conferences, Capture the Flags (CTF), lab time and research.

  • Be a team player committed to the mission and continuous development of the Cyber Threat Action Center, peers, and Abbott customers.


Learn more about our health and wellness benefits, which provide the security to help you and your family live full lives:  www.abbottbenefits.com

Follow your career aspirations to Abbott for diverse opportunities with a company that can help you build your future and live your best life.

Abbott is an Equal Opportunity Employer, committed to employee diversity.

Connect with us at www.abbott.com, on Facebook at www.facebook.com/Abbott and on Twitter @AbbottNews and @AbbottGlobal.

     

The base pay for this position is $75,300.00 – $150,700.00.

In specific locations, the pay range may vary from the range posted.

     

JOB FAMILY:

Information Risk & Quality Assurance

     

DIVISION:

BTS Business Technology Services

        

LOCATION:

United States > Minnesota > St. Paul > Lillehei : One Lillehei Plaza

     

ADDITIONAL LOCATIONS:

     

WORK SHIFT:

Standard

     

TRAVEL:

No

     

MEDICAL SURVEILLANCE:

Not Applicable

     

SIGNIFICANT WORK ACTIVITIES:

Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day), Keyboard use (greater or equal to 50% of the workday)

     

Abbott is an Equal Opportunity Employer of Minorities/Women/Individuals with Disabilities/Protected Veterans.

     

EEO is the Law link - English: http://webstorage.abbott.com/common/External/EEO_English.pdf

     

EEO is the Law link - Espanol: http://webstorage.abbott.com/common/External/EEO_Spanish.pdf

Tags: Automation Computer Science CTF EDR Firewalls Forensics GCFA GCIH GIAC GREM GSEC IDS Incident response IPS Machine Learning Malware MITRE ATT&CK Monitoring OSCP PowerShell Python Scripting SOAR Splunk Surveillance Threat intelligence Vulnerabilities XDR XSOAR

Perks/benefits: Career development Conferences Health care Team events Wellness

Region: North America
Country: United States
