Remote Infrastructure Application Security Architect (Remote)

Description:

• The Infrastructure Application Security Architect is a member of the Information Security team and collaborates with other team members to develop and implement a comprehensive information security program.
• This role involves defining security policies, processes, and standards.
• The architect will work closely with application development teams to ensure secure design, coding, configuration, and deployment of technology solutions.
• Responsibilities include focusing on common security mechanisms like encryption and authentication, as well as application-level risks, session management, securing configuration files, secrets management, and risk identification in system configurations.
• A deep understanding of secure application development practices, including the security of API interactions and cloud application environments, is required.
• The position is remote and can be performed from anywhere in the U.S.

Requirements:

• A Bachelor’s degree and 9 years of experience, a Master’s Degree and 8 years of experience, or a PhD and 4 years of experience in information security or related functions is required.
• Secrets Management experience in a corporate environment, particularly in large enterprises, is strongly preferred.
• Knowledge of Secrets Management tools such as HashiCorp Vault, AWS KMS, Azure Key Vault, and BeyondTrust is necessary.
• Candidates must have demonstrated exceptional ability to assess and communicate information security concepts and practices with both business and IT stakeholders.
• In-depth knowledge of the systems development life cycle and relevant technological alternatives is required.
• Strong understanding of application security principles, including OWASP Top 10 and secure coding practices, is essential.
• Expertise in secure session management, token handling, and authentication mechanisms (OAuth, SAML, OpenID Connect) is required.
• Familiarity with tools for code analysis and vulnerability scanning is necessary.
• Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions are essential.
• Information security qualification such as CISSP is preferred but not required.

Benefits:

• The compensation range for this position is $137,500 - $261,000, depending on geographic location and other factors.
• AbbVie offers a comprehensive benefits package including paid time off (vacation, holidays, sick leave), medical/dental/vision insurance, and a 401(k) plan to eligible employees.
• This position is eligible to participate in short-term and long-term incentive programs.
• AbbVie is committed to equal opportunity employment and provides reasonable accommodations for applicants as needed.