Abbott Senior Specialist Cybersecurity in Shanghai, China
This role is within Information Security and Risk Management (ISRM), responsible for country cyber security program. Key point of contact for all ISRM related matters, ensuring delivery and support of all ISRM programs and solutions in the country. Work collaboratively with global ISRM and IT functions, local IT teams and local business partners.
Core Job Responsibilities
Key point of contact at the affiliate/region for all Incident Response related activities and communications. Key liaison with business and IT
Responsible for gathering the artifacts to facilitate incident response process and coordinate IT systems remediation – gather logs, gather evidence, take forensic images, isolate any IT equipment impacted and coordinate all needed investigation activates under the direction of ISRM IR team
Country/region specific expertise to support ISRM security architecture needs
Coordinate scanning and identification of vulnerabilities
Provide guidance on secure SLC and minimal cyber controls for local application development
Key point of contact for local security architecture design – such as local boarders and systems
Key contact for dawn raids for information security IT specific actions
Responsible to identify and address all IT specifics points during or after the dawn raid
Coordinating operational tasks such as patch management requirements and compliance with ISRM standards
Ensure application & server owners maintain inventory (CMDB) accuracy.
Educate business owners on the importance and availability of fully automated patching services. Allowing the business to simply select time/date for security patch installation and server restart without local resource requirement or involvement.
Key subject matter expert for in country/region specific privacy requirements – conducts assessments if needed
Lead and provide expertise for country/region ISRM training and awareness campaigns
Responsible to establishing in-country VRM program under direction of BTS
Communicate prioritization criteria and help identify vendors with access to sensitive data.
Responsible for oversight and enforcement of internal security policies and applicable external cyber regulations
Work collaboratively with local legal teams to protect personally identifiable information (PII)
Promotes a global ISRM perspective
Communicate and align ISRM , to Regional and local IT and business management.
Understands business unit strategy and translates business strategy in an aligned ITSRM strategy of programs, projects and applications
Builds solid and efficient organizational structure and relationship with Global organization to assure alignment and compliance with Guidelines, policies, roadmaps and procedures.
Creates a working environment that is motivating and helps collaborators to grow in their positions
Position Accountability / Scope
Reports to the IT Director, Cyber Regional Programs. The scope of this position is country/region specific and considers the information security implications unique to all Abbott divisions when developing governance and risk management strategies. No direct budget responsibility.
• Bachelor's degree in Information Security, Computer Science, or related field
Minimum Experience/Training Required
• 7-10 years of experience is required.
• Possess CISSP certification (or similar) preferred and be knowledge of local regulatory requirements including privacy and data localization as well as international regulatory compliances and frameworks such as ISO, NIST, SOX, HIPAA, and PCI DSS is desired.
An Equal Opportunity Employer
Abbot welcomes and encourages diversity in our workforce.
We provide reasonable accommodation to qualified individuals with disabilities.
To request accommodation, please call 224-667-4913 or email email@example.com