Senior Cybersecurity Engineer

At Abbott, you can do work that matters, grow, and learn, care for yourself and family, be your true self and live a full life. You’ll also have access to:

• Career development with an international company where you can grow the career you dream of.

• Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year

• An excellent retirement savings plan with high employer contribution

• Tuition reimbursement, the Freedom 2 Save student debt program and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.

• A company recognized as a great place to work in dozens of countries around the world and named one of the most admired companies in the world by Fortune.

• A company that is recognized as one of the best big companies to work for as well as a best place to work for diversity, working mothers, female executives, and scientists.

This Senior Cybersecurity Engineer position can work out remotely within the U.S.

The Senior Cybersecurity Engineer is responsible for identifying security risks, vulnerabilities, and threats, and leading mitigation and remediation efforts to ensure Abbott delivers secure, compliant products that meet industry cybersecurity regulations and customer and patient security expectations.

• Drive end-to-end cybersecurity program execution across product lines, aligning security initiatives with business objectives, product roadmaps, and regulatory requirements.

• Establish, maintain, and optimize a scalable vulnerability management program, including governance, prioritization frameworks, KPIs, and executive reporting.

• Lead cross-functional program governance with engineering, product management, quality, and compliance teams to ensure alignment on security priorities, timelines, and risk acceptance decisions.

• Serve as the primary liaison between cybersecurity, product teams, and executive stakeholders, providing regular updates on program status, risks, dependencies, and mitigation plans.

• Develop and deliver cybersecurity artifacts for product software releases, including SBOMs, vulnerability remediation evidence, and release security documentation. Lead technical reviews with development teams to discuss vulnerabilities, security controls, remediation progress, and residual risk.

• Prioritize vulnerability remediation and patching efforts based on business impact, proof of exploit, and policy requirements, partnering with engineering, PMs, and product owners to drive timely risk reduction.

• Design and recommend systematic remediation strategies and preventive controls to reduce recurring vulnerabilities, including secure coding practices, dependency management, and configuration hardening across product and supporting applications.

• Triage and analyze findings from application, network‑based, and agent‑based security scanning tools (SAST, DAST, SCA, infrastructure scanners) to determine true security impact, validate exploitability, and distinguish false positives.

• Validate security fixes through hands-on testing, including web application testing using tools such as Burp Suite and Postman, and verification of remediation for iOS and Android mobile application vulnerabilities.

• Clearly communicate complex technical security concepts to executive leadership and cross-functional stakeholders, translating vulnerability findings, security controls, and security metrics into business‑relevant risk insights and decision support.

• Lead remediation efforts following security assessments that identify weaknesses. Support the advancement of the cyber threat and vulnerability management program to ensure consistent identification, analysis, response, and monitoring of cybersecurity threats, events, and vulnerabilities.

• Leverage JIRA for security project and vulnerability management, building dashboards, reports, and automation workflows to track remediation progress, improve visibility of security metrics, and streamline coordination across cross-functional teams.

• Participate in cross-functional team coordination to achieve defined security goals and meet technical requirements in support of detailed implementation plans for security projects. Provide technical guidance and training on security risks and prevention strategies.

• Bachelor's degree in computer and information sciences or engineering, Security Systems, or related fields.

• Holds or working toward one or more relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Ethical Hacker (CEH), or equivalent.

• Previous work experience in a product development cybersecurity role - Familiarity with design of diagnostic equipment, medical devices, or other closely related products.