This position is part of AbbVie’s Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology while also effectively managing risk.

AbbVie Information Security is looking for a highly motivated, talented defender to join the Cyber Security Incident Response Team (CSIRT). The Cyber Security Operations Center (CSOC) manages the initial investigation and response to security events, alerts, and threats, and works directly to augment the incident responders. This is a new capability within the Cyber Security Incident Response Team (CSIRT), working within the larger Cyber Security Operations (CSO) function. Join us as a Security Analyst, Incident Response to form the first line of defense against cyber-attacks and help our business to continue to have remarkable impacts on people’s lives.

This is a highly technical role responsible for the initial triage of cyber security alerts, responding to confirmed cyber security incidents, escalation of cyber security incidents, as needed, and driving detection improvements whenever possible.

This role will assist in continuing to build your foundation of skills and knowledge in incident response and digital forensics and provides a clear career path to more senior incident response and digital forensics specializations.

In this role, you’ll be responsible for:

• Responding to cyber security alerts within defined SLAs
•  Contributing to key initiatives to enhance the Cyber Security Operations team’s maturity and operational capabilities
• Adhering to cyber security processes, procedures and other documentation while performing incident response duties
• Assisting with development of documentation regarding how to perform specific incident response tasks
• Analyzing security system logs, security tools, and available data sources to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection development and system tuning
• Assisting in identifying monitoring/detection gaps and helping to drive them toward resolution
• Escalating cyber security incidents to incident response analysts when appropriate
• Identifying and actioning incident trends observed during triage and response activities
• Assisting with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOP)
• Assisting with cyber security awareness and education initiatives, as needed
• Operating in a global on-call rotation and being available to respond outside of normal business hours, if necessary