AbbVie

Application & Platform Security Architect

AbbVie$120K — $150K *
Atlanta, GA 30349In-Person
Information Technology
Less than 5 years of experience
Today
Be an Early Applicant
Job Overview by Ladders

Qualifications

  • Bachelor's or Master's degree with significant experience in information security or related fields.
  • Proven ability to communicate security concepts effectively to both business and IT stakeholders.
  • In-depth knowledge of the systems development lifecycle and its integration with security considerations.
  • Expertise in secure coding practices and familiarity with industry security frameworks (OWASP, SANS).
  • Strong analytical skills to identify security risks and propose effective solutions.
  • Experience with cloud platforms and containerization technologies (e.g., AWS, Docker).
  • Familiarity with security tools for code analysis and vulnerability scanning.

Responsibilities

  • Define and implement reusable security architecture patterns for business applications.
  • Integrate security early in software development processes to enhance security-by-design initiatives.
  • Represent security architecture in design boards, promoting risk-based security practices.
  • Evaluate application software designs to ensure compliance with security standards.
  • Create application-specific security control architectures and design artifacts for implementation guidance.
  • Collaborate with IT and business leaders to address security requirements and risks.
  • Lead efforts in identifying application threats and propose design enhancements to mitigate risks.

Benefits

  • Paid time off including vacation, holidays, and sick leave.
  • Medical, dental, and vision insurance.
  • 401(k) retirement plan with company contributions.
  • Eligibility for long-term incentive programs.
Full Job Description
Job Description

The Application & Platform Security Architect is a member of the Information Security team and works closely with other members of the team to develop and implement a comprehensive information security program. This includes defining security policies, processes, and standards. We are seeking a highly skilled architect to collaborate with application development teams, ensuring secure design, coding, configuration, and deployment of technology solutions. The architect will not only focus on common security mechanisms like encryption and authentication but will also dive into application-level risks, session management, securing configuration files, and risk identification in system configurations. This role requires a deep understanding of secure application development practices, including the security of API interactions and cloud application environments.

Responsibilities:
  • Define reusable security architecture patterns and guardrails to enable consistent, secure implementation across high-risk business applications.
  • Drive secure-by-design initiatives by integrating security considerations early in the software architecture lifecycle and influencing enterprise architecture direction.
  • Represent security architecture in design authority boards and technical review councils, advocating for risk-based security controls.
  • Work with in-business IT customers, including application architects and engineers to evaluate application software and infrastructure designs, for the purpose of defining/designing application controls aligned with enterprise standards.
  • Define application-specific security control architectures and produce design artifacts to guide secure implementation of business-critical systems.
  • Develop re-usable implementation guidance and design patterns based on previous engagements to scale the service.
  • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks in the infrastructure and applications.
  • Act as a security architecture liaison to IT delivery and engineering teams, embedding security principles into technical delivery and architecture review forums.
  • Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions.
  • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks in the infrastructure.
  • Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies.
  • Establish collaborative working relations with the Information Technology functions to ensure that solutions align with security architecture and business strategy.
  • Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned. Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed.
  • Research and assess new information security threats and recommend remedial actions.
  • Foster an information security culture through education, skill development, and implementation of effective information security processes and practices.
  • Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development lifecycle.
  • Matures and leverages relationships with affiliates, subsidiaries, vendors, and industry peers in accordance with AbbVie Values, Vendor Management Office, and Purchasing to further the mission, vision, and goals of the organization.
  • Design the security architecture for applications, ensuring all components meet best practices and regulatory compliance.
  • Work closely with software development, DevOps, and operations teams to integrate security into the software development lifecycle (SDLC).
  • Lead efforts in identifying potential threats through application threat modeling and propose design changes to mitigate risks.


Qualifications

Required:
  • Bachelor's degree and 9 years of experience OR Master's Degree and 8 years of experience OR PhD and 4 years of experience in information security and/or related functions (IT Audit, Risk Management or Security Architecture).
  • Must have demonstrated exceptional ability to assess and communicate information security concepts and practices, with both business and IT stakeholders.
  • Requires in-depth knowledge of the systems development life cycle, client area's functions and systems, and systems applications programs development technological alternatives.
  • Proven implementation of creative technology solutions that advance the business.
  • Relevant work experience is important for successful performance of this role due to the complexity of our global IT Security environment.
  • Strong understanding of application security principles, including OWASP Top 10, SANS/CWE Top 25, and secure coding practices.
  • Expertise in secure session management, token handling, and authentication mechanisms (OAuth, SAML, OpenID Connect).
  • Knowledge of cryptographic practices, encryption protocols, and PKI management.
  • Experience with containerization (Docker, Kubernetes) and cloud platforms (AWS, Azure, GCP).
  • Familiarity with tools for code analysis (e.g., SonarQube, Veracode) and vulnerability scanning (e.g., Burp Suite, Nessus).
  • Understanding of DevSecOps practices, including securing CI/CD pipelines.
  • Self-starter with the ability to work independently and manage multiple projects simultaneously.
  • Strong problem-solving and analytical skills with the ability to identify security risks and propose effective solutions.
  • Ability to work collaboratively in cross-functional teams and influence technical teams towards secure implementations.
  • Understanding of cloud computing principles, including virtualization, containerization, microservices, and serverless computing; Risk Management, container security, Kubernetes security, IAM security, network security, auditing, encryption, secrets management and data protection, securing CI/CD.
  • Advanced knowledge of Identity Security concepts, least-privilege, separation of duties, and Zero trust design principles.
  • Understanding of federation technologies (WS-Fed, OAuth, OpenID connect, SAML ...) and of encryption technologies (encryption types and protocols/standards).
  • Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project.
  • Significant SOX and HIPAA experience in dealing with IT general controls (ITGC), demonstrated through hands-on audit, remediation, and/or computer system validation.
  • Excellent understanding of current Information Security & Architecture trends and their impact on business strategies including key Information Security vendors and solutions, audit organizations, and influential market research firms.
  • Excellent communications and influencing skills with strong ability to balance differing stakeholder interests through sound analysis and persuasion.
  • Strong people skills, collaborative ability to work with IT stakeholders inside and outside of the organization, able to mentor team members with diverse backgrounds.
  • Thorough understanding of Information Security frameworks and good practices (e.g., ISO, NIST), and proven ability to strike a balance between an academic and pragmatic approach.

Preferred:
  • Information security qualifications such as CISSP are preferred but not required.
  • Understanding the following concepts is a plus; identity management, federated identity services, incident management, access control, application vulnerability testing, public key infrastructure, Windows, and Unix/Linux, public cloud infrastructure, and services.


Additional Information

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law:
  • The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.
  • We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.
  • This job is eligible to participate in our long-term incentive programs.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company's sole and absolute discretion, consistent with applicable law.

About AbbVie

AbbVie develops pharmaceuticals and medical devices. They provide products and services to therapeutic areas including immunology, oncology, neuroscience, eye care, virology, women's health, and gastroenterology.

AbbVie Careers

Joining AbbVie means becoming part of a global team dedicated to making a remarkable impact on patients' lives. At AbbVie, our employees are united in the pursuit of groundbreaking innovation and are committed to transforming the future of healthcare with leading-edge science.

Work You’ll Do

At AbbVie, you’ll collaborate with some of the brightest minds in the industry to solve challenging problems that have a high impact on society. Our culture fosters growth and embraces leadership and diversity training, ensuring that every team member can thrive.

Explore Job Opportunities

AbbVie offers a wide range of job opportunities and career paths, providing a platform where professionals can propel their careers forward. From research and development to marketing and sales, the potential to make a significant impact is limitless.

Internship Programs

Kickstart your career with an AbbVie internship. Our programs provide invaluable industry experience and a chance to develop essential skills in a real-world setting. Interns at AbbVie are considered integral members of the team and are given tasks that are both challenging and rewarding.

Professional Growth and Development

We believe in nurturing our team's professional growth through comprehensive training programs, leadership development opportunities, and continuous learning. Our commitment to your career growth is reflected in our robust offerings that enhance your skills and knowledge.

Benefits and Culture

AbbVie is dedicated to supporting our employees' well-being both inside and outside of work. Our benefits package includes health, financial, and social benefits that are designed to support the diverse needs of our employees. Our inclusive culture encourages collaboration and innovation, fostering a workplace where all can excel.

Hiring Process

Our hiring process is designed to ensure a match that will be beneficial both for the company and for your career aspirations. From resume submission to interview, each step is an opportunity to showcase your skills and fit with the AbbVie team.

Networking and Career Advancement

At AbbVie, networking doesn’t just enhance your career; it propels it. We encourage our employees to engage internally and externally to build relationships that foster personal and professional growth.

Join Our Team

Search open positions that match your skills and interests. We are looking for passionate, curious, and innovative team players who are ready to make a difference.

Stay Connected

Keep up to date with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the people who work here.

Job Alert Emails

Personalize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences. Discover the exciting and rewarding opportunities that await at AbbVie.

Explore AbbVie Jobs

Whether you’re seeking to advance your career in a dynamic and empowering environment, or looking for a place where you can innovate, lead, and contribute to something bigger, AbbVie is the place for you. Join us in our mission to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow.
Learn more about AbbVie
Size
50,000 employees
Market Cap
$288.5 billion
Industry
Pharmaceuticals & Biotech
Net Income
$4.6 billion
Founded
2013
5 Year Trend
+17%
Revenue
$45.8 billion
NASDAQ
ABBV
* Ladders Estimates

Similar Jobs

Ad banner background

Get Ready For Your
Next Interview

More Jobs at AbbVie

More Information Technology Jobs

Find similar Application & Platform Security Architect jobs:

NationwideAtlanta, GA