Security Application Solution Architect (Remote)

Be among the first 25 applicants.

Get AI-powered advice on this job and more exclusive features.

Company Description
AbbVie's mission is to discover and deliver innovative medicines and solutions that solve serious health issues today and address the medical challenges of tomorrow. We strive to have a remarkable impact on people's lives across several key therapeutic areas: immunology, oncology, neuroscience, and eye care, including products and services in our Allergan Aesthetics portfolio. For more information about AbbVie, please visit www.abbvie.com. Follow @abbvie on Twitter, Facebook, Instagram, YouTube, and LinkedIn.

Job Description
The Security Application Solution Architect is a member of the Information Security team, working closely with other team members to develop and implement a comprehensive information security program. This includes defining security policies, processes, and standards. The architect will collaborate with application development teams to ensure secure design, coding, configuration, and deployment of technology solutions. Responsibilities include managing application-level risks, session management, securing configuration files, secrets management, and system configuration risk identification. A deep understanding of secure application development practices, API security, and cloud environments is essential.

This position can be virtually from anywhere in the U.S.

• Design and architect enterprise-grade secrets management solutions using HashiCorp Vault, AWS KMS, Azure Key Vault, or BeyondTrust. Provide strategic and technical leadership for secure storage, access, rotation, and auditing of secrets across hybrid environments.
• Define reusable security architecture patterns and guardrails for high-risk business applications.
• Drive secure-by-design initiatives by integrating security early in the software architecture lifecycle and influencing enterprise architecture.
• Represent security architecture in design authority boards and review councils, advocating for risk-based security controls.
• Work with IT and application teams to evaluate and design application controls aligned with enterprise standards.
• Deep knowledge of cloud computing, virtualization, containerization, microservices, serverless, IAM, Kubernetes security, encryption, and CI/CD security.
• Advanced understanding of Identity Security, Zero Trust, federation technologies (WS-Fed, OAuth, SAML, OpenID Connect), and encryption protocols.
• Define architecture and roadmap for secrets management, including reference architectures and deployment models.
• Create security control architectures and design artifacts for critical systems.
• Develop implementation guidance and design patterns to scale security services.
• Collaborate with security leadership to develop strategies to enforce security requirements and mitigate risks.
• Act as a liaison to embed security principles into IT delivery and architecture reviews.
• Support security aspects of business and IT initiatives, including architecture, design, deployment, and operational transition.
• Research, evaluate, and recommend new security technologies.
• Establish collaborative relationships with IT functions to ensure solutions align with security and business strategies.
• Advise on security requirements during application development and acquisition projects, ensuring controls are implemented and gaps addressed.
• Research and assess new security threats, recommending remedial actions.
• Promote a security culture through education and process implementation.
• Adhere to corporate policies, including data security, GxP compliance, and SDLC standards.
• Build relationships with vendors and industry peers to further organizational goals.

• Bachelor's degree with 9+ years, Master's with 8+ years, or PhD with 4+ years in information security or related fields.
• Experience with Secrets Management tools (HashiCorp Vault, AWS KMS, Azure Key Vault, BeyondTrust).
• Proven experience in designing and deploying enterprise secrets management solutions.
• Strong communication skills to convey security concepts to stakeholders.
• Knowledge of security frameworks (ISO, NIST), application security principles, and secure coding practices.
• Experience with containerization, cloud platforms, and security tools for code analysis and vulnerability scanning.
• Understanding of DevSecOps practices and managing multiple projects independently.

Includes details on compensation, benefits, and legal notices. The salary range is indicative and may vary based on location and other factors. AbbVie is an equal opportunity employer committed to diversity and inclusion.

• Seniority level: Entry level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Internet News