Security Compliance Lead
AbbVie
- North Chicago, IL
- Permanent
- Full-time
- Maintaining awareness and expertise on governance, risk, security & compliance trends through training and industry research to proactively. ensure we minimize the risks to our environment.
- Ensuring that IR systems and/or platforms are compliant with technology policies and other regulatory requirements.
- Ensuring that all applicable AbbVie IT policies and procedures are followed. Reviews and provides input to improve procedures as applicable.
- Collaborating and working cross-functionally to develop and operationalize a robust continuous learning training framework. Facilitate along with the respective trainers the sessions to educate IR BTS staff and clients as deemed necessary.
- Establishing and overseeing formal risk analysis and risk-assessment programs for various Information services, systems and processes.
- Ensuring and monitoring compliance with Personal Identifiable Health Information, as well as other federal and industry regulations and requirements. Work with business teams to ensure data is properly classified.
- Liaison with Internal Audit, Corporate Compliance, Security and Risk Management to support the remediation of risks; ensuring risks are tracked to closure.
- Participating in the creation and maintenance of AbbVie's risk, security & compliance policies, standards, guidelines, and baselines.
- Ensuring adherence to our corporate wide IS Security program.
- Compliance with applicable Corporate and Divisional Policies and procedures.
- Bachelor's Degree +7 years; Master's +6 years; PhD +2 years experience.
- 5+ years of experience with IT Compliance, IT Risk, and/or IT Audit.
- In-depth understanding with all aspects of regulatory and contractual compliance, especially Personal Identifiable Information and Health Information Portability and Accountability Act (HIPAA) requirements.
- Experience communicating and presenting both verbally and in writing to various audiences, including committees, large groups, senior management, and executive leadership.
- Experience with IT process, risk and control frameworks, such as COBIT, ISO 27001, ITIL, Risk IT.
- Experience with Software Development Lifecycle (SDLC) methodologies.
- Knowledge of risk assessment design and delivery.
- Ability to prioritize and multi-task and strong problem resolution skills.
- Demonstrated ability to coordinate cross-functional teams towards task completion.
- Requires knowledge of outsourcing methodologies and operating models and working with professional services firms.
- Requires experience overseeing geographically distributed and culturally diverse workgroups.
- Excellent written and verbal communication skills.
- Knowledge of business and technology trends.
- Strong interpersonal / relationship management skills.
- The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
- We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
- This job is eligible to participate in our short-term incentive programs.
- This job is eligible to participate in our long-term incentive programs.