AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on X, Facebook, Instagram, YouTube, LinkedIn and Tik Tok.

The Associate Director, Business Technology Solutions (BTS) Policy and Controls Lead will be responsible for setting comprehensive compliance strategies and frameworks while expertly managing and mitigating risks, strengthening compliance posture while ensuring compliance with applicable laws, regulations and industry standards. This person will design, develop and maintain a unified controls framework that aligns with industry best practices and regulatory requirements as well as integrate relevant controls into business processes. The successful candidate is a strong communicator and will work closely with cross-functional teams to manage risks and maintain alignment with business objectives. Candidate must be able to assimilate knowledge quickly, understand stakeholder's business challenges/risks, and act as a trusted advisor to comply with policies and standards. 

Key Responsibilities: 

• Build and maintain a consolidated controls framework that links policies, control objectives, standards, guidelines, controls, assessment objectives, company assets, procedures, risks, threats and metrics. 
• Measure control effectiveness against framework and report on non-compliance or lack of adherence/deviations. 
• Collaborate cross functionally to ensure seamless integration of multiple frameworks and practices across the organization (e.g., Cyber, Privacy, Quality). 
• Work with the second line to address any credible challenge. 
• Compile and present risk and compliance posture to senior leadership via metrics and dashboards.

Required:

• Bachelor's with 9+ years, Master's with 8+ years or PhD with 4+ years in Computer Science, Information Security, Risk Management, or a related field. 
• Professional security management certification, such as CISSP, CISM, or CRISC preferred. 
• A minimum of 9 years of experience in a cybersecurity risk or compliance role within an IT environment. 
• Demonstrate ability to assimilate new knowledge quickly 
• Experience with regulatory examinations 
• Comfortable working in a fast-paced, dynamic environment, and managing multiple projects concurrently 
• In-depth understanding of security frameworks (e.g., NIST, COBIT, ISO 27000 series) and regulatory requirements. 
• Proven track record of developing and administering comprehensive compliance programs. 
• Excellent organizational, leadership, decision-making, and communication skills. 
• Strong project management skills with the ability to manage multiple tasks under tight deadlines. 

Preferred:

• Strong Cloud security assessment background and technical acumen necessary for more technical controls, prior experience with automated evidence collection.
• Prior experience implementing a consolidated controls framework. 

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law: ​

​

• The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.​

• We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.​

• This job is eligible to participate in our short-term incentive programs. ​

• This job is eligible to participate in our long-term incentive programs​

​

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law. ​

​

AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives, serving our community and embracing diversity and inclusion.  It is AbbVie’s policy to employ qualified persons of the greatest ability without discrimination against any employee or applicant for employment because of race, color, religion, national origin, age, sex (including pregnancy), physical or mental disability, medical condition, genetic information, gender identity or expression, sexual orientation, marital status, status as a protected veteran, or any other legally protected group status.

US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html 

US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:

https://www.abbvie.com/join-us/reasonable-accommodations.html