Director Cybersecurity

Description

Summary: Abbott is seeking a Director, Security to lead a global team, build a world-class security function, and own the end-to-end security strategy for Lingo's groundbreaking health platform. Highlights: 1. Lead a world-class, globally distributed security function 2. Own end-to-end security strategy across innovative platforms 3. Drive a strong security culture and define security KPIs Apply Now Abbott is a global healthcare leader th helps people live more fully all stages of life. Our portfolio of life-changing technologies spans the spectrum of healthcare, with leading businesses and products in diagnostics, medical devices, nutritionals and branded generic medicines. Our 115,000 colleagues serve people in more than 160 countries. Working Abbott At Abbott, you can do work th mters, grow, and learn, care for yourself and your family, be your true self, and live a full life. You’ll also have access to: Career development with an internional company where you can grow the career you dream of. Employees can qualify for free medical coverage in our Health Investment Plan (HIP) PPO medical plan in the next calendar year. An excellent retirement savings plan with a high employer contribution. Tuition reimbursement, the Freedom 2 Save student debt program, and FreeU educion benefit - an affordable and convenient ph to getting a bachelor’s degree. A company recognized as a gre place to work in dozens of countries worldwide and named one of the most admired companies in the world by Fortune. A company th is recognized as one of the best big companies to work for as well as the best place to work for diversity, working mothers, female executives, and scientists. THE OPPORTUNITY At Lingo, we’re building a groundbreaking health plform th combines continuous biosensor da, real-time analytics, and personalized insights to help people live fuller, longer, and healthier lives. Our systems ingest millions of sensor readings daily, powering experiences for consumers and partners worldwide, with the reliability and scalability of cloud-nive, enterprise-grade plforms. We are looking for a Director, Security to help accelere growth across the U.S., Spain, and India. In this role, you will build and lead a world-class, globally distributed security function responsible for the security of Lingo’s products and processes. The role requires a hands-on leader who can partner deeply with engineering, product, quality, and regulory teams to reduce risk while enabling fast, high-quality delivery in a reguled, consumer health environment. You will own the end-to-end security stregy across Lingo’s cloud plforms, mobile applicions, biosensor/CGM da pipelines, AI/ML services, and supporting enterprise systems. You will establish security architecture and operional capabilities th scale globally, and you will grow and unify a team of security engineers who opere with consistent standards and urgency regardless of time zone. Wh You’ll Work On  Direct and provide a stregic risk management vision th scales globally to effectively secure products and da without slowing company innovion and execution. Build and lead a high-performing, globally distributed security organizion across the U.S., Spain, and India, including hiring stregy, team structure, opering model, and budget ownership. Drive a strong security culture within the security team and across the broader organizion through clear expections, enablement, and partnership with engineering leadership. Define and communice security KPIs and metrics aligned to business initiives (e.g., vulnerability SLAs, thre modeling coverage, security test automion, incident response readiness) and present them to non-technical stakeholders in an understandable manner. Own security policies, standards, and reference architectures for cloud, mobile, da pipelines, and AI/ML services, including protections against emerging thres and objectives for monitoring and response. Partner with Product and Engineering to embed security-by-design practices (thre modeling, secure SDLC, dependency and container security, secrets management, secure configurion baselines) into delivery workflows. Establish and evolve a security murity model th reduces complexity, focuses on fundamentals, and is tracked over time with measurable improvements. Lead vulnerability management across applicions, cloud infrastructure, and endpoints, including triage, remediion governance, and verificion of fixes. Require and schedule independent verificion and validion activities (penetrion tests, red team exercises, security code reviews, and assessments) using internal resources and trusted third parties. Build and opere incident response capabilities, including on-call rotions, playbooks, tabletop exercises, and post-incident reviews th drive preventive actions. Partner with program teams for stringent vetting and continual assessment of the supply chain, including third-party risk management, SBOM/CBOM practices, and vendor security reviews. Partner with Quality and compliance stakeholders to ensure security requirements are incorpored into business processes and product development lifecycle controls. Partner with Regulory Affairs, Quality, and Legal to transle regulory and privacy requirements into practical, scalable controls (e.g., FDA expections, HIPAA, GDPR, 21 CFR Part 11 where applicable). Conduct internal assessments and training to bolster security and regulory compliance across the product portfolio and associed development resources. Provide regular reporting to senior management on the thre landscape, merial risks, tactical controls, and stregic roadmap; communice tradeoffs and decisions clearly. Develop security awareness training for all employees and alloce budget for ongoing technical training and certificions for security staff. Actively recruit and lead by example to cree a respectful, inclusive culture where employees want to work; build partnerships with higher educion to grow a pipeline of future talent. Required Qualificions Bachelor’s degree in computer science, engineering, or a reled field, or equivalent practical experience. 15+ years in cybersecurity, product security, or security engineering, including 5+ years leading and scaling managers and/or globally distributed teams. Demonstred experience building security programs (not just opering them), including org design, hiring, tooling stregy, and culture development. Strong background in secure software development practices for cloud and mobile products (secure SDLC, thre modeling, applicion security testing, dependency risk management). Experience securing cloud-nive systems (e.g., AWS/Azure/GCP), including IAM, network security, logging/monitoring, secrets management, and infrastructure-as-code security. Experience leading vulnerability management and coordining remediion across engineering organizions, with clear SLAs and verificion practices. Proven incident response leadership, including building playbooks, running tabletop exercises, and driving post-incident corrective and preventive actions. Experience partnering with governance and compliance functions on risk assessments, exceptions, third-party risk, and audit readiness in reguled environments. Strong executive communicion skills, with the ability to transle technical risks into business impact and influence decisions across cultures and time zones. Demonstred ability to lead through influence in a fast-paced, cross-functional consumer technology and/or digital health environment. Preferred Qualificions Experience scaling security teams across U.S., European, and Asian geographies, with sensitivity to cross-cultural leadership and distributed opering models. Experience with security in reguled industries (medical devices, digital health, or life sciences), including familiarity with standards and expections (e.g., ISO 27001/27002, ISO 13485 intersections, IEC 62304 security considerions, FDA cybersecurity guidance). Experience securing IoT or biosensor da plforms, including telemetry integrity, device-to-cloud security pterns, and high-throughput da pipelines. Background in privacy engineering and da protection (PII/PHI), including DPIAs, da minimizion, and cross-border da considerions. Experience with security testing and assurance approaches for AI/ML systems (model abuse cases and secure model deployment practices). Relevant certificions (e.g., CISSP, CISM, CCSP, GIAC) or equivalent demonstred expertise. The base pay for this position is $172,000.00 – $344,000.00. In specific locions, the pay range may vary from the range posted. Apply Now