Associate Analyst Ii, Threat Detection & Monitoring

This position is part of AbbVie’s Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed. We do it by providing the knowledge, tools, and support they need to effectively use data and technology while also effectively managing risk.
AbbVie Information Security is looking for a highly motivated, talented defender to join the Threat Detection and Monitoring (TDM) team. The Threat Detection and Monitoring team is responsible for the end-to-end approach to how cyber threats are identified and reported to AbbVie’s incident responders. Join us as an Associate Security Analyst II, Threat Detection & Monitoring to help streamline and improve our ability to detect cyber-attacks and help our business to continue to have remarkable impacts on people’s lives.
This is a technical role responsible for analyzing data, reviewing cyber security alerts for efficacy, tuning alerts based on confirmed false positives reported by incident responders, participating in purple team exercise planning and execution, developing new detections, and driving overall detection improvements whenever possible.
This entry-level role will assist in building your foundation of skills and knowledge in threat detection and provides career path to more senior information security specializations.
Responsibilities:

• Assist with thoroughly documenting work and presenting analysis to management.
• Follow cyber threat landscape to stay aware of the evolving adversary tactics, techniques, and procedures.
• Perform daily review of triggered development alerts, perform data analysis and alert tuning in Splunk as necessary.
• Actively participate in the daily stand-up meeting.
• Create and maintain procedural documentation regarding how to perform analyst tasks.
• Adhere to cyber security processes, procedures and other documentation while performing analyst
• Assist with analysis of security logs, security tools, and available data sources to identify opportunities for new threat detections.
• Create new detections in Splunk, based on alerts from various security controls.
• Assist with planning, execution and reporting of quarterly Purple Team exercises.

Qualifications:

• Capable of learning new concepts and processes quickly, and adapting to a constantly changing environment
• Education & Experience - Minimum of one of the following:
• Ability to author original technical documentation
• Demonstrated critical thinking, problem solving, and analytical skills
• Strong organization skills with attention to detail
• Ability to work independently and effectively as part of a team
• No college degree and 4 years of IT experience with 2 years in a specialized information security role
• Master’s Degree in computer science or related technical field and 0+ years of specialized information security experience
• Demonstrated ability to take initiative for personal growth and development
• Bachelor’s Degree in computer science or related technical field and 2 years of IT experience
• Willingness to be available, as needed, for major and critical security issues
• Foundational knowledge of major operating systems, common networking protocols, systems administration, and security technologies
• Foundational understanding of system logging and auditing concepts
• Ability to successfully interact with non-technical in-business contacts
• Bachelor’s Degree in computer science or related technical field and 1 years of specialized information security experience
• Ability to analyze and understand technical information
• Familiarity with cyber security terminology and concepts, and basic understanding of the cyber threat landscape and attack vectors
• Strong written and verbal communication skills with a high level of professionalism
• Foundational knowledge of security controls and concepts (e.g. anti-virus, EDR, IPS/IDS, DLP, vulnerability scanners, application security)

AbbVie is an equal opportunity employer including disability/vets. It is AbbVie’s policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a disabled veteran, recently separated veteran, Armed Forces service medal veteran or active duty wartime or campaign badge veteran or a person’s relationship or association with a protected veteran, including spouses and other family members, or any other protected group status. We will take affirmative action to employ and advance in employment qualified minorities, women, individuals with a disability, disabled veterans, recently separated veterans, Armed Forces service medal veterans or active-duty wartime or campaign badge veterans. The Affirmative Action Plan is available for viewing in the Human Resources office during regular business hours.