Company Description

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.

Job Description

Join our Information Security team as a Senior DevSecOps Engineer and be part of the core team building a global enterprise-grade Application Security program from the ground up. You'll play a vital role in implementing security testing tools, integrating them into our CI/CD ecosystems, and delivering actionable findings to developers—enabling secure software delivery at scale. Together, we'll make a remarkable impact on people's lives by protecting the systems that discover and deliver life-changing medicines to patients who need them.

This position can be virtually anywhere in the U.S.

Responsibilities:

• Implementing and maintaining Application Security Testing (AST) tools (SAST, DAST, IAST, SCA, etc.) to identify vulnerabilities and configuration issues during the software development lifecycle.
• Implementing and maintaining tools (such as Application Security Posture Management / ASPM) to centralize and deduplicate findings from multiple solutions and integrate reporting into software development workflows.
• Integrating security tooling with large-scale enterprise CI/CD pipelines.
• Building and managing tooling and processes to drive efficient DevSecOps and Application Security (AppSec) operations.

Qualifications

• Bachelors Degree and 7 years experience OR Masters Degree and 6 years experience OR PhD and 0 years experience
• 4+ years of hands-on technical experience in DevSecOps / DevOps / Site Reliability Engineering (SRE)
• 2+ years of experience implementing, administering, and supporting application security tooling such as SAST/DAST/IAST/SCA
• Demonstrated experience designing, building, and optimizing CI/CD pipelines (such as GitHub Actions and Azure DevOps) for large-scale enterprise environments and integrating security testing solutions
• Experience automating workflows and integrating platforms via programming languages such as Python
• Ability to effectively communicate and document technical findings to both technical and non-technical stakeholders

Beneficial:

• Experience with commercial or in-house Application Security Posture Management (ASPM) tooling to facilitate risk visibility, finding management, and developer workflow integration
• Experience implementing pre-deployment container and/or artifact security tooling (e.g. image scanning, dependency validation)
• Experience implementing container and artifact security solutions (e.g. Snyk, JFrog Artifactory), including image scanning, vulnerability assessment, and dependency validation in CI/CD pipelines
• Experience administering Snyk in large enterprise environments

Additional Information

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law: ​

• The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future. ​

• We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.​

• This job is eligible to participate in our short-term incentive programs. ​

​

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law.

AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community. Equal Opportunity Employer/Veterans/Disabled.

US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html

US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:

https://www.abbvie.com/join-us/reasonable-accommodations.html