Senior Security Engineer – Application Security
United States - Alameda : 1360-1380 South Loop Road
Full Time Senior-level / Expert USD 109K - 218K
Abbott
Innovative medical devices and health care solutions for cardiovascular health, diabetes management, diagnostic testing, nutrition, chronic pain and more.
JOB DESCRIPTION:
WORKING AT ABBOTT
At Abbott, you can do work that matters, grow, and learn, care for yourself and family, be your true self and live a full life. You’ll also have access to:
- Career development with an international company where you can grow the career you dream of.
- Free medical coverage for employees* via the Health Investment Plan (HIP) PPO
- An excellent retirement savings plan with high employer contribution
- Tuition reimbursement, the Freedom 2 Save student debt program and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.
- A company recognized as a great place to work in dozens of countries around the world and named one of the most admired companies in the world by Fortune.
- A company that is recognized as one of the best big companies to work for, as well as a best place to work for diversity, working mothers, female executives, and scientists.
Main Purpose
Join us at Abbott to pioneer the future of personalized healthcare with Lingo, our cutting-edge CGM product. In this role, you'll contribute to a technology that empowers individuals to enhance their energy, control cravings, and improve overall well-being. Join a dynamic environment that combines a start-up's agility with Abbott's rich heritage of innovation. You'll contribute significantly to health and wellness advancements, leveraging your skills in a supportive and forward-thinking setting.
This position works onsite in our Alameda, CA location for Lingo.
The Senior Security Engineer – Application Security works closely with the teams developing and maintaining the Lingo ecosystem to provide guidance on securing applications and infrastructure. The engineer provides security as a process alongside the agile teams building and maintaining Lingo products. The engineer is accountable for establishing and maintaining cyber risk identification, prevention, and remediation practices throughout the product lifecycle.
Primary Responsibilities
- Provide security recommendations on service design, application development, and coding (give security a voice in team standups, write security user stories, be an expert resource to cross-functional teams)
- Perform threat modeling for the Lingo ecosystem
- Perform manual code reviews of security-relevant features
- Leverage SAST, DAST, and penetration testing to identify risks and appropriate mitigations
- Track known vulnerabilities and their remediation statuses, along with performance data on vulnerability management (average time to remediate, average bugs per lines of code, etc.)
- Advise teams regarding remediation of vulnerability, configuration, and other security deficiencies
- Assist with implementing software supply chain security controls and the creation of product SBOMs
- Present important product security concerns to leadership for decision making when necessary
- Work closely with cross-functional teams (Engineering, DevOps, Product) while carrying out daily tasks
- Stay abreast of emerging security threats, vulnerabilities, and controls
Qualifications
- 5+ years in a product security advisory role, penetration testing, or as an engineer on a product team with a security focus
- Intermediate working knowledge of several of the following:
  - Cloud computing architectures and associated security design challenges
  - Mobile application development and associated security design challenges
  - Common web and mobile application development technologies and tools
  - Common open-source libraries and technologies and how to effectively harden them
  - Common tools and processes to enable teams to develop secure products
  - SAST and DAST technologies
  - NFC and BLE wireless technologies
- Strong understanding of information security fundamentals and defense-in-depth practices
- Ability to build relationships, influence without authority, and drive positive outcomes across multiple stakeholder groups
- Ability to provide clear oral and written communication to a variety of business and technical audiences
- Proven problem-solving experience
- Ability to prioritize work and adapt to changing needs in a dynamic work environment
- University degree in Cybersecurity, Computer Science, Systems Engineering or similar technical disciplines preferred
- OSCP, OSWP, OSWE, OSWA, CISSP, GWAPT or equivalent certifications preferred
WHAT WE OFFER
At Abbott, you can have a good job that can grow into a great career. We offer:
- Training and career development, with onboarding programs for new employees and tuition assistance
- Financial security through competitive compensation, incentives and retirement plans
- Health care and well-being programs including medical, dental, vision, wellness and occupational health programs
- Paid time off
- 401(k) retirement savings with a generous company match
- The stability of a company with a record of strong financial performance and history of being actively involved in local communities
Learn more about our benefits that add real value to your life to help you live fully: http://www.abbottbenefits.com/pages/candidate.aspx
Follow your career aspirations to Abbott for diverse opportunities with a company that provides the growth and strength to build your future. Abbott is an Equal Opportunity Employer, committed to employee diversity. Connect with us at www.abbott.com, on Facebook at www.facebook.com/Abbott and on Twitter @AbbottNews and @AbbottGlobal.
The base pay for this position is $109,300.00 – $218,500.00. In specific locations, the pay range may vary from the range posted.
JOB FAMILY:
Product Development
DIVISION:
LNGO Lingo
LOCATION:
United States > Alameda : 1360-1380 South Loop Road
ADDITIONAL LOCATIONS:
WORK SHIFT:
Standard
TRAVEL:
Yes, 5 % of the Time
MEDICAL SURVEILLANCE:
Not Applicable
SIGNIFICANT WORK ACTIVITIES:
Continuous sitting for prolonged periods (more than 2 consecutive hours in an 8 hour day), Keyboard use (greater or equal to 50% of the workday)
Abbott is an Equal Opportunity Employer of Minorities/Women/Individuals with Disabilities/Protected Veterans.
EEO is the Law link - English: http://webstorage.abbott.com/common/External/EEO_English.pdf
EEO is the Law link - Espanol: http://webstorage.abbott.com/common/External/EEO_Spanish.pdf
Tags: Agile Application security CISSP Cloud Computer Science DAST DevOps GWAPT OSCP OSWE OSWP Pentesting Product security SAST Surveillance Vulnerabilities Vulnerability management
Perks/benefits: 401(k) matching Career development Competitive pay Health care Startup environment Team events Wellness