1+ months

Sr. Product Security Analyst - Testing

Saint Paul, MN

At Abbott, we're committed to helping people live their best possible life through the power of health. For more than 125 years, we've brought new products and technologies to the world -- in nutrition, diagnostics, medical devices and branded generic pharmaceuticals -- that create more possibilities for more people at all stages of life. Today, 99,000 of us are working to help people live not just longer, but better, in the more than 150 countries we serve.

The Product Security Testing Analyst will be responsible for identifying and evaluating information security risks relevant to existing and future medical device products and providing security requirements and recommendations for mitigating/remediating such risks. Responsibilities include assisting in defining set of security requirements, evaluating ongoing risk and vulnerabilities through scanning and testing techniques and recommending security measures for Abbott.

Job Duties:

  • Perform internal or coordinate external security assessments of medical device products across multiple device product lines.
  • Manages and monitors security remediation efforts to successful completion. Tracks issues from discovery to closure.
  • Assists in the development of additional security testing capabilities through project execution, process development, and tool evaluations.
  • Provides information security expertise and assists in incorporating control measures into new and existing projects around medical device security
  • Develops and maintains technical expertise pertaining to Information Security and effectively transfers knowledge to business and R&D team members
  • Assists with performing risk assessments of Abbott projects and initiatives and anticipates business and industry regulatory issues to provide recommendations and solutions to potential issues or vulnerabilities
  • Works closely with internal business partners to incorporate security mitigations into new implementation during planning phases while driving a continued focus on efficiency
  • Works with legal and other regulatory and compliance groups to ensure the company is compliant with key laws, regulations, and certifications
  • Develops and effectively executes project plans, work breakdown structure and task dependencies, communication plans, etc. as needed
  • Complies with U.S. Food and Drug Administration (FDA) regulations, other regulatory requirements, Company policies, operating procedures, processes, and task assignments.
  • Maintains positive and cooperative communications and collaboration with all levels of employees, customers, contractors, and vendors.
  • Performs other related duties and responsibilities, on occasion, as assigned.


    • Bachelor’s degree in Computer Science, MIS, Information Assurance, or related field.  Equivalent combinations of education and work experience may be considered.
    • 5+ years of experience in IT Security/IT Audit/Risk Management, experience with software development/security testing and related SAST/DAST tools is preferred. 
    • Willing to consider candidates with minimum 2 years experience (title to be adjusted).
    • Ability to obtain industry certifications (i.e., CISSP / CISA / CISM / GIAC Web Application Penetration Tester (GWAPT))
    • Intermediate Web/Mobile/Embedded Device technology knowledge (i.e., HTTP, HTML, SQL, IOS, Android)
    • Competent with application level security controls e.g. authorization and access control, session management, cross site scripting, command injection Flaws, buffer overflows, web application and server configurations
    • Strong knowledge of IT security frameworks (ISO, NIST etc.) and related processes
    • Energetic team player with strong initiative, team orientation and good problem solving skills. 
    • Demonstrated organizational skills, attention to detail, the ability to handle multiple assignments simultaneously in a timely manner, and be able to meet assigned deadlines and service levels. 
    • Demonstrated interpersonal skills, including the ability to listen, resolve problems, deal with unresolved issues, delays and unexpected events, and the ability to effectively communicate and maintain rapport with supported customers. 
    • Excellent communication skills with demonstrated ability to write clear, concise business communication for multiple levels (management, technical, user).
    • Able to understand and leverage the IT and business vision and strategy to support solution definition
    • Able to professionally represent the Security function to key business stakeholders
    • Ability to work in a highly matrixed and geographically diverse business environment.
    • Ability to work within a team and as an individual contributor in a fast-paced, changing environment.
    • Ability to leverage and/or engage others to accomplish projects.
    • Ability to travel approximately 10%, including internationally.
    • Ability to maintain regular and predictable attendance.
      Job Family: Information Risk & Quality Assurance
      Division: GIS Global Information Services
      Travel: Yes, 10 % of the Time
      Medical Surveillance: No
      Significant Work Activities: Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day)


Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Sr. Product Security Analyst - Testing

Saint Paul, MN

Share this job

Sr. Product Security Analyst - Testing

Saint Paul, MN

Separate email addresses with commas

Enter valid email address for sender.

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast