Abbott is a global healthcare leader that helps people live more fully at all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 114,000 colleagues serve people in more than 160 countries.
Abbott is a global healthcare leader, creating breakthrough science to improve people’s health. We’re always looking towards the future, anticipating changes in medical science and technology.
Working at Abbott
At Abbott, you can do work that matters, grow, and learn, care for yourself and family, be your true self and live a full life. You’ll also have access to:
Career development with an international company where you can grow the career you dream of.
Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year
An excellent retirement savings plan with high employer contribution
Tuition reimbursement, the Freedom 2 Save student debt program and FreeU education benefit - an affordable and convenient path to getting a bachelor’s degree.
A company recognized as a great place to work in dozens of countries around the world and named one of the most admired companies in the world by Fortune.
A company that is recognized as one of the best big companies to work for as well as a best place to work for diversity, working mothers, female executives, and scientists.
THE OPPORTUNITY
This Cybersecurity Compliance Manager position can work remotely within the U.S.
We are seeking a leader to develop and manage a centralized, standardized framework for medical device cybersecurity compliance. This role will drive alignment across people, processes, and technologies to support Abbott divisions and product teams in mitigating medical device risks. The successful candidate will establish and lead a cybersecurity compliance program, oversee a team of specialists, and ensure adherence to relevant laws, regulations, and industry standards through audits, risk management, and expert guidance.
What You’ll Work On
Provide strategic leadership in developing and executing a product information security program aligned with business and product objectives.
Collaborate with R&D teams across divisions to implement and maintain a Secure Product Development Lifecycle, embedding security controls into product design.
Lead complex audit engagements, ensure audit readiness, and deliver formal reports on control effectiveness and efficiency.
Develop and enforce organizational security standards, guidelines, and procedures in compliance with regulatory requirements and industry best practices.
Coordinate medical device/product security risk assessments and drive mitigation planning with division R&D teams.
Oversee comprehensive compliance initiatives and ensure sufficient audit coverage to support business assurance.
Acquire and manage specialized technical expertise to support advanced cybersecurity initiatives.
Manage and mentor junior and senior team members, providing technical guidance and leadership.
Deliver security advisory services to product teams, including system hardening, network architecture, cryptography, PKI, and privileged access control.
Build and maintain executive relationships to support the successful execution of the cybersecurity compliance program.
Influence internal and external product security policies, standards, and programs to enhance secure interoperability and communications.
Provide strategic input on product security policies and stay current with evolving business, regulatory, and threat landscapes.
QUALIFICATIONS
Bachelor’s degree in Business, Engineering, Computer Science, or threat and risk management related disciplines.
Minimum of 8 years of experience in Cybersecurity, including 3-5 years of leadership experience and demonstrated project management skills
Minimum 5 years of experience working in an information security governance, risk, and compliance role.
Experience in audit and certification processes.
Demonstrated knowledge of General Computer Controls, including Information Security, Information System Operations, Vendor Management, Business Continuity, Networks, Database, System Software, Hardware, and Application Development control.
Strong understanding of product security and the relationship between threat, vulnerability and potential customer risk in the context of risk management
Strong analytical skills to analyze laws and regulations and translate the security requirements into appropriate security programs, projects, controls, and training.
Ability to communicate business risk as it relates to cybersecurity, along with excellent oral and written communication skills for engaging all levels of management and staff
Strong team player with the ability to communicate effectively within cross-functional groups and perform peer reviews of work products and documents.
Excellent organizational skills and critical attention to detail and deadlines with the ability to handle multiple tasks simultaneously.
Holds one or more cybersecurity certifications or has completed necessary coursework.
Self-motivated, well-organized and able to position controls in anticipation of threats.
Strong leadership and project management skills.
PREFERRED:
Master’s degree is desirable
Medical device product security or compliance experience.
Experience in audit and certification processes.
Experience with data protection regulations to include US HIPAA and EU GDPR.
Risk Management experience.
Development of security processes.
Up-to-date understanding of a wide range of incident response, system configuration, vulnerability management and hardening guidelines.
Track record of acting with integrity, taking pride in work, ability to respond to constructive criticism in a positive manner, seeking to excel, being curious and adaptable, and communicating effectively.
Advanced understanding of security development lifecycle (SDLC) and secure design principles.
Strong understanding of technologies used to automate security/compliance tasks.
Understanding of Artificial Intelligence (AI) technologies and use cases within the field of cybersecurity.
Understanding of ISO 27001, HITRUST CSF and NIST cybersecurity frameworks.
Experience in strategic planning and execution of security initiatives.
Excellent communication and stakeholder management skills.
Learn more about our health and wellness benefits, which provide the security to help you and your family live full lives: www.abbottbenefits.com
Follow your career aspirations to Abbott for diverse opportunities with a company that can help you build your future and live your best life. Abbott is an Equal Opportunity Employer, committed to employee diversity.
Connect with us at www.abbott.com, on Facebook at www.facebook.com/Abbott and on Twitter @AbbottNews and @AbbottGlobal
The base pay for this position is $111,300.00 – $222,700.00. In specific locations, the pay range may vary from the range posted.
Abbott is an Equal Opportunity Employer of Minorities/Women/Individuals with Disabilities/Protected Veterans.
EEO is the Law link - English: http://webstorage.abbott.com/common/External/EEO_English.pdf
EEO is the Law link - Espanol: http://webstorage.abbott.com/common/External/EEO_Spanish.pdf