Cloud Security Engineer at AbbVie — NeverHard

Job Description As a member of the Information Security Risk Management architecture team, the Cloud Security Engineer plays a crucial role in shaping and guiding the organization's security strategy, architecture, and practices, with a focus on cloud computing technology. The Cloud Security Engineer will collaborate with security architects and cloud engineers to design, execute, and govern a comprehensive cloud environment. This role can be virtual anywhere in the U.S. Responsibilities Serve as a cloud security technical expert to develop and execute cloud security policies and procedures Collaborate with cloud technology teams across the enterprise to ensure the integrity and security of our digital assets in AWS/Azure IaaS environments Demonstrate high proficiency across a wide range of cloud security technologies to establish guardrails to prevent or automatically remediate common security misconfigurations Provide technical leadership, mentor, and consult with less experienced cloud engineers to implement necessary security controls and threat protection Act as a Cloud security subject matter expert by continually reviewing environments for opportunities to reduce risk when possible Build automation to monitor cloud resources for compliance with existing standards and alert for configuration drift Consult with cloud engineers to successfully implement design requirements from cloud security architects Provide governance and consulting to ensure established controls remain effective Contribute to advancement of own function by studying start-of-the-art tools, techniques, and computing equipment; participate in educational opportunities and professional organizations. Highly autonomous and productive in performing activities, requiring only minimal direction from or interaction with supervisor Excellent communication and influencing skills with the ability to balance differing stakeholder interests through sound analysis and persuasion Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development cycle