Allergan
Associate Security Analyst II, Incident Response
Allergan, Oklahoma City, Oklahoma, United States
Company Description
AbbVie’s mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.
Job Description This position is part of AbbVie’s Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology while also effectively managing risk. AbbVie Information Security is looking for a highly motivated, talented defender to join the Cyber Security Incident Response Team (CSIRT). The Cyber Security Operations Center (CSOC) manages the initial investigation and response to security events, alerts, and threats, and works directly to augment incident responders during critical security events. Join us as an
Associate Security Analyst II, Incident Response
to form the first line of defense against cyber‑attacks and help our business to continue to have remarkable impacts on people’s lives.
Responsibilities
Initial triage of cyber security alerts
Responding to and escalating confirmed cyber security incidents
Contributing to key initiatives in order to enhance the Cyber Security Operations team’s maturity and operational capabilities
Adhering to cyber security processes, procedures and other documentation while performing incident response duties
Analyzing security system logs, security tools, and available data sources to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection development and system tuning
Assisting in identifying monitoring/detection gaps and helping to drive them toward resolution
Escalating cyber security incidents to incident response analysts when appropriate
Identifying and actioning incident trends observed during triage and response activities
Assisting with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOPs)
Assisting with cyber security awareness and education initiatives, as needed
Operating in a global on‑call rotation and being available to respond outside of normal business hours, if necessary
Tools and Skills
Basic understanding of system logging and auditing concepts, security controls (i.e. anti‑virus, EDR, IPS/IDS), and their capabilities
Creating original technical documentation
Working knowledge of diverse operating systems, networking protocols, systems administration, and security technologies
Familiarity with cyber security terminology and concepts, and basic understanding of the cyber threat landscape and attack vectors
Capability to learn new concepts and processes quickly, and adapt to a constantly changing environment
Ability to successfully interact with non‑technical personnel
Ability to analyze and understand technical information
Qualifications – Required
Education & Experience – Minimum of one of the following:
Minimum of 4 years of IT experience with 2 years in a specialized information security role
Bachelor’s Degree in computer science or related technical field and 2 years of IT experience
Bachelor’s Degree in computer science or related technical field and 1 year of specialized information security experience
Master’s Degree in computer science or related technical field
Experience in a CSOC or other specialized information security role
Demonstrated critical thinking, problem solving, and analytical skills with the ability to de‑construct complex concepts
Working knowledge of incident response terminology and methodologies
Qualifications – Beneficial
Basic level of understanding of common Windows OS artifacts and their relation to cyber security investigations
Knowledgeable on multiple technologies and systems that support CSOC and CSIRT services (e.g. SOAR, SIEM, IPS/IDS, EDR, etc.)
Knowledgeable on areas of Information Security, outside of Incident Response (e.g. Security Architecture, Security Engineering, Application Security, Vulnerability Management, Threat Intelligence, etc.)
Familiarity with cloud environment architecture
Experience with at least one programming or scripting language
Familiarity with change and incident management concepts and processes
Certifications consisting of any of the following: GIAC Continuous Monitoring Certification (GMON), GIAC Certified Intrusion Analyst (GCIA), GIAC Security Operations Certified (GSOC), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), GIAC Enterprise Incident Responder (GEIR), or other cybersecurity related certifications
Additional Information AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only – to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more: https://www.abbvie.com/join-us/reasonable-accommodations.html
#J-18808-Ljbffr
Job Description This position is part of AbbVie’s Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology while also effectively managing risk. AbbVie Information Security is looking for a highly motivated, talented defender to join the Cyber Security Incident Response Team (CSIRT). The Cyber Security Operations Center (CSOC) manages the initial investigation and response to security events, alerts, and threats, and works directly to augment incident responders during critical security events. Join us as an
Associate Security Analyst II, Incident Response
to form the first line of defense against cyber‑attacks and help our business to continue to have remarkable impacts on people’s lives.
Responsibilities
Initial triage of cyber security alerts
Responding to and escalating confirmed cyber security incidents
Contributing to key initiatives in order to enhance the Cyber Security Operations team’s maturity and operational capabilities
Adhering to cyber security processes, procedures and other documentation while performing incident response duties
Analyzing security system logs, security tools, and available data sources to identify attacks against the enterprise and report on any irregularities, issues related to improper access patterns, trending, and event correlations and make suggestions for detection development and system tuning
Assisting in identifying monitoring/detection gaps and helping to drive them toward resolution
Escalating cyber security incidents to incident response analysts when appropriate
Identifying and actioning incident trends observed during triage and response activities
Assisting with the development, maintenance of, and training on technical documentation and Standard Operating Procedures (SOPs)
Assisting with cyber security awareness and education initiatives, as needed
Operating in a global on‑call rotation and being available to respond outside of normal business hours, if necessary
Tools and Skills
Basic understanding of system logging and auditing concepts, security controls (i.e. anti‑virus, EDR, IPS/IDS), and their capabilities
Creating original technical documentation
Working knowledge of diverse operating systems, networking protocols, systems administration, and security technologies
Familiarity with cyber security terminology and concepts, and basic understanding of the cyber threat landscape and attack vectors
Capability to learn new concepts and processes quickly, and adapt to a constantly changing environment
Ability to successfully interact with non‑technical personnel
Ability to analyze and understand technical information
Qualifications – Required
Education & Experience – Minimum of one of the following:
Minimum of 4 years of IT experience with 2 years in a specialized information security role
Bachelor’s Degree in computer science or related technical field and 2 years of IT experience
Bachelor’s Degree in computer science or related technical field and 1 year of specialized information security experience
Master’s Degree in computer science or related technical field
Experience in a CSOC or other specialized information security role
Demonstrated critical thinking, problem solving, and analytical skills with the ability to de‑construct complex concepts
Working knowledge of incident response terminology and methodologies
Qualifications – Beneficial
Basic level of understanding of common Windows OS artifacts and their relation to cyber security investigations
Knowledgeable on multiple technologies and systems that support CSOC and CSIRT services (e.g. SOAR, SIEM, IPS/IDS, EDR, etc.)
Knowledgeable on areas of Information Security, outside of Incident Response (e.g. Security Architecture, Security Engineering, Application Security, Vulnerability Management, Threat Intelligence, etc.)
Familiarity with cloud environment architecture
Experience with at least one programming or scripting language
Familiarity with change and incident management concepts and processes
Certifications consisting of any of the following: GIAC Continuous Monitoring Certification (GMON), GIAC Certified Intrusion Analyst (GCIA), GIAC Security Operations Certified (GSOC), GIAC Network Forensic Analyst (GNFA), GIAC Certified Forensic Analyst (GCFA), GIAC Enterprise Incident Responder (GEIR), or other cybersecurity related certifications
Additional Information AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.
US & Puerto Rico only – to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html
US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more: https://www.abbvie.com/join-us/reasonable-accommodations.html
#J-18808-Ljbffr