Let’s get started
By clicking ‘Next’, I agree to the Terms of Service
and Privacy Policy, and consent to receive emails from Rise
Jobs / Job page
Senior Application Security Penetration Tester (Remote) image - Rise Careers
Job details

Senior Application Security Penetration Tester (Remote) - job 4 of 4

Company Description

AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas – immunology, oncology, neuroscience, and eye care – and products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit us at www.abbvie.com. Follow @abbvie on XFacebookInstagramYouTubeLinkedIn and Tik Tok.

Job Description

AbbVie Information Security is looking for a highly motivated, diligent, and skillful analyst to join the Attack Surface Management (ASM) team. AbbVie’s Application Security team protects AbbVie’s patients, data, and brand by identifying vulnerabilities and threats to our organization and working to drive remediation of identified security risks. Application Security is a capability of ASM within the larger Cyber Security Operations (CSO) function. Join us as Senior Security Specialist, Application Security to support and improve our efforts to identify and reduce AbbVie’s attack surface and help our business continue to have remarkable impacts on people’s lives.

This position can be based virtually anywhere in the U.S.

The Senior Security Specialist is a key member of the Application Security team and works with internal and external groups to identify and drive remediation of information security risks across all AbbVie application environments.

The ideal candidate must have prior experience leading manual web and mobile application security penetration tests within an enterprise environment and working with application stakeholders to discuss vulnerabilities and remediation options.

Responsibilities

  • Maintaining awareness of the latest critical information security vulnerabilities, threats, and exploits
  • Support the enterprise-wide initiative to secure AbbVie’s most critical assets by performing thorough assessments of web and mobile applications and working with key stakeholders to drive remediation of identified risks.
  • Providing guidance on existing and emerging threats in the web and mobile application space, as they apply within the AbbVie environment
  • Performing application security reviews throughout the application development lifecycle, including tasks such as:
    • Performing security assessments for AbbVie web and mobile applications across the enterprise
    • Dynamic (DAST) application security testing and/or penetration testing of applications and source code
    • Auditing results of security assessments with development and/or security teams and offering plans for remediation of vulnerabilities
    • Retesting remediation of identified vulnerabilities to confirm the efficacy of fixes
  • Reviewing deliverables from third-party service providers and other Application Security Analysts to ensure completeness and accuracy
  • Communicating technical application security concepts to customers, including developers, architects, and managers
  • Participating in the management of AbbVie’s bug bounty program, working to validate and triage reported vulnerabilities and working with application owners to ensure valid findings are remediated
  • Training customer staff on application security and remediation of application security code defects
  • Identifying and developing secure software development best practices
  • Identifying enhancements to tools, standards and processes; provide input into policies and procedures, and contribute to the implementation and refinement of the strategy for the Application Risk program on a global basis

Qualifications

  • Bachelors Degree and 6 years experience OR Masters Degree and 5 years experience OR PhD and 0 years experience
  • Advanced knowledge of web application vulnerabilities and web application business logic flaws and threats
  • Advanced understanding of application architectures and technologies, including web applications, mobile technology, data encryption, and identity and access management
  • Advanced, hands-on experience with manual vulnerability testing and static code analysis
  • Advanced experience with tools including, but not limited to, the Kali Linux platform and its built-in tools
  • Advanced experience performing manual testing with Burp Suite, OWASP ZAP, or similar tools
  • Advanced understanding of security controls such as Authentication, Authorization, Access Control, Cryptography, and Network Protocols along with security standards: OWASP Top 10, SANS 25, NIST, and CVE
  •  Written and verbal communication skills are critical
  • Communicating concepts to diverse audiences with varying skill sets.
  • Certifications such as OSCP, OSWE or ECSA are a plus

Additional Information

Applicable only to applicants applying to a position in any location with pay disclosure requirements under state or local law: ​​

​​

  • The compensation range described below is the range of possible base pay compensation that the Company believes in good faith it will pay for this role at the time of this posting based on the job grade for this position. Individual compensation paid within this range will depend on many factors including geographic location, and we may ultimately pay more or less than the posted range. This range may be modified in the future.​​

  • We offer a comprehensive package of benefits including paid time off (vacation, holidays, sick), medical/dental/vision insurance and 401(k) to eligible employees.​​

  • This job is eligible to participate in our short-term incentive programs. ​​

​​

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, incentive, benefits, or any other form of compensation and benefits that are allocable to a particular employee remains in the Company's sole and absolute discretion unless and until paid and may be modified at the Company’s sole and absolute discretion, consistent with applicable law. 

AbbVie is an equal opportunity employer and is committed to operating with integrity, driving innovation, transforming lives and serving our community.  Equal Opportunity Employer/Veterans/Disabled. 

US & Puerto Rico only - to learn more, visit https://www.abbvie.com/join-us/equal-employment-opportunity-employer.html

US & Puerto Rico applicants seeking a reasonable accommodation, click here to learn more:

https://www.abbvie.com/join-us/reasonable-accommodations.html

AbbVie Glassdoor Company Review
3.9 Glassdoor star iconGlassdoor star iconGlassdoor star icon Glassdoor star icon Glassdoor star icon
AbbVie DE&I Review
No rating Glassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star iconGlassdoor star icon
CEO of AbbVie
AbbVie CEO photo
Richard A. Gonzalez
Approve of CEO

Average salary estimate

$130000 / YEARLY (est.)
min
max
$120000K
$140000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

Similar Jobs
Photo of the Rise User

Join AbbVie as an Associate Director in Strategic Marketing to lead impactful marketing initiatives in Rheumatology.

Photo of the Rise User
AbbVie Hybrid Florham Park, NJ
Posted 9 days ago

Join AbbVie as a Director of Compliance, where you will drive strategic initiatives in compliance for the Allergan Aesthetics business.

Photo of the Rise User
Posted 6 days ago

Barings is looking for a dynamic Senior Director to lead IT Service Delivery and enhance operational capabilities within a global financial services framework.

Photo of the Rise User
Target Remote 7000 Target Pkwy N,NCD-0375 Brooklyn Park,MN 55445
Posted 8 days ago
Inclusive & Diverse
Rise from Within
Mission Driven
Diversity of Opinions
Work/Life Harmony

As the Director of Technology for Network Security at Target, you will lead the strategic direction and technical health of network security capabilities.

Photo of the Rise User
American Express Hybrid Phoenix, Arizona, United States
Posted 13 hours ago
Inclusive & Diverse
Empathetic
Collaboration over Competition
Growth & Learning
Transparent & Candid
Medical Insurance
Dental Insurance
Mental Health Resources
Life insurance
Disability Insurance
Child Care stipend
Employee Resource Groups
Learning & Development

Lead the incident response tooling initiatives at American Express and drive the development of innovative monitoring and detection solutions.

Photo of the Rise User
LMAX Group Remote No location specified
Posted 14 days ago

Join LMAX Group as a Security Analyst and contribute to securing cutting-edge trading technologies in a dynamic financial environment.

Photo of the Rise User
Posted 9 days ago

Join Kobie as a Director of Technology Delivery to lead technology projects and create impactful solutions for top brands.

Photo of the Rise User
NBCUniversal Hybrid 900 Sylvan Avenue, Englewood Cliffs, NEW JERSEY
Posted 6 days ago

Join NBCUniversal's Cyber Defense Operations team as a Principal Incident Responder, where you’ll play a crucial role in defending against cyber threats with your expertise.

Wegmans Hybrid Rochester - Main Office
Posted 2 days ago

Drive innovation as an IT Process Automation Engineer at Wegmans, improving operational workflows through strategic automation.

Photo of the Rise User
Nuvei Remote No location specified
Posted 11 days ago

Join Nuvei as a SOC Analyst to fortify their defenses against cyber threats while working remotely in a dynamic fintech environment.

Photo of the Rise User
Altium Hybrid United States
Posted 9 days ago

As a DevOps Engineer at Altium, you will bridge software development with infrastructure delivery, enhancing cloud-native environments for enterprise clients.

Photo of the Rise User
Posted 9 days ago

Join Sigma Defense as a Cybersecurity Engineer and help protect critical Navy platforms through innovative cybersecurity solutions.

Photo of the Rise User
Posted 10 days ago

Join Leidos as a SharePoint Administrator and contribute to collaborative solutions that elevate organizational performance.

Photo of the Rise User
Posted 11 days ago

Join Peraton as a PC Technician supporting critical IT services for the Special Operations Command at MacDill AFB.

Photo of the Rise User

Join Peraton's engineering team as a Senior Site Reliability Engineer to innovate and enhance system reliability for national security initiatives.

AbbVie’s mission is to discover and deliver innovative medicines that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people’s lives across several key therapeutic areas: i...

3470 jobs
MATCH
Calculating your matching score...
FUNDING
SENIORITY LEVEL REQUIREMENT
TEAM SIZE
EMPLOYMENT TYPE
Full-time, remote
DATE POSTED
April 22, 2025

Subscribe to Rise newsletter

Risa star 🔮 Hi, I'm Risa! Your AI
Career Copilot
Want to see a list of jobs tailored to
you, just ask me below!