Associate Security Analyst I, Incident Response

This position is part of AbbVies Information Security & Risk Management (ISRM) team. We are here to put our partners in a position to succeed.  We do it by providing the knowledge tools and support they need to effectively use data and technology while also effectively managing risk.

AbbVie Information Security is looking for a highly motivated defender to join the Cyber Security Incident Response Team (CSIRT). The Cyber Security Operations Center (CSOC) manages the initial investigation and response to security events alerts and threats and works directly to augment the incident responders. This is a new capability within the Cyber Security Incident Response Team (CSIRT) working within the larger Cyber Security Operations (CSO) function.  Join us as an Associate Security Analyst I Incident Response to form the first line of defense against cyber-attacks and help our business to continue to have remarkable impacts on peoples lives.

This is a highly technical role responsible for the initial triage of cyber security alerts responding to confirmed cyber security incidents escalation of cyber security incidents as needed and driving detection improvements whenever possible.

This entry-level role will assist in building your foundation of skills and knowledge in incident response and digital forensics and provide a career path to more senior information security specializations.

In this role youll be responsible for:

• Responding to cyber security alerts within defined SLAs
• Adhering to cyber security processes procedures and other documentation while performing incident response duties
• Assisting with development of documentation regarding how to perform specific incident response tasks
• Analyzing security system logs security tools and available data sources to identify attacks against the enterprise and report on any irregularities issues related to improper access patterns trending and event correlations and make suggestions for detection development and system tuning
• Escalating cyber security incidents to incident response analysts when appropriate
• Identifying and actioning incident trends observed during triage and response activities
• Assisting with the development maintenance of and training on technical documentation and Standard Operating Procedures (SOP)
• Assisting with cyber security awareness and education initiatives as needed
• Operating in a global on-call rotation and being available to respond outside of normal business hours if necessary

Qualifications :

Experiences that make you a strong candidate for this role:

Required:

• Basic understanding of computer operating systems (Windows macOS and Linux)
• Basic understanding of enterprise computing environments
• Basic understanding of computer networking
• Basic understanding of cloud computing

• Capability to learn new concepts and processes quickly and adapt to a constantly changing environment
• Demonstrated critical thinking problem solving and analytical skills with the ability to de-construct complex concepts
• Demonstrated ability to work in a team environment towards common goals
• Ability to successfully interact with non-technical personnel
• Ability to analyze and understand technical information
• Education & Experience - Minimum of one of the following:
  • Minimum of 2 years of IT experience
  • Bachelors Degree in computer science or related technical field

Beneficial:

• Basic level of understanding of incident response terminology and methodologies
• Basic level of understanding of common Windows OS artifacts and their relation to cyber security investigations.
• Basic understanding of multiple technologies and systems that support CSOC and CSIRT services (e.g. SOAR SIEM IPS/IDS EDR etc.)
• Familiarity with areas of Information Security outside of Incident Response (e.g. Security Architecture Security Engineering Application Security Vulnerability Management Threat Intelligence etc.)
• Experience with at least one programming language
• Experience with at least one scripting language
• IT or Cyber Security certifications

Additional Information :

AbbVie is an equal opportunity employer and is committed to operating with integrity driving innovation transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled. 

US & Puerto Rico only - to learn more visit  & Puerto Rico applicants seeking a reasonable accommodation click here to learn more:

Work :

No

Employment Type :

Full-time