• Define reusable security architecture patterns and guardrails to enable consistent, secure implementation across high-risk business applications • Drive secure-by-design initiatives by integrating security considerations early in the software architecture lifecycle and influencing enterprise architecture direction • Represent security architecture in design authority boards and technical review councils, advocating for risk-based security controls • Work with in-business IT customers, including application architects and engineers to evaluate application software and infrastructure designs, for the purpose of defining/designing application controls aligned with enterprise standards • Define application-specific security control architectures and produce design artifacts to guide secure implementation of business-critical systems • Develop re-usable implementation guidance and design patterns based on previous engagements to scale the service • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks in the infrastructure and applications • Act as a security architecture liaison to IT delivery and engineering teams, embedding security principles into technical delivery and architecture review forums • Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions • Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies • Establish collaborative working relations with the Information Technology functions to ensure that solutions align with security architecture and business strategy • Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned • Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed • Research and assess new information security threats and recommend remedial actions • Foster an information security culture through education, skill development, and implementation of effective information security processes and practices • Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development lifecycle • Design the security architecture for applications, ensuring all components meet best practices and regulatory compliance • Work closely with software development, DevOps, and operations teams to integrate security into the software development lifecycle (SDLC) • Lead efforts in identifying potential threats through application threat modeling and propose design changes to mitigate risks

• Define reusable security architecture patterns and guardrails to enable consistent, secure implementation across high-risk business applications. • Drive secure-by-design initiatives by integrating security considerations early in the software architecture lifecycle and influencing enterprise architecture direction. • Represent security architecture in design authority boards and technical review councils, advocating for risk-based security controls. • Work with in-business IT customers, including application architects and engineers to evaluate application software and infrastructure designs, for the purpose of defining/designing application controls aligned with enterprise standards. • Define application-specific security control architectures and produce design artifacts to guide secure implementation of business-critical systems. • Develop re-usable implementation guidance and design patterns based on previous engagements to scale the service. • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks in the infrastructure and applications. • Act as a security architecture liaison to IT delivery and engineering teams, embedding security principles into technical delivery and architecture review forums. • Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions.

• Define reusable security architecture patterns and guardrails to enable consistent, secure implementation across high-risk business applications • Drive secure-by-design initiatives by integrating security considerations early in the software architecture lifecycle and influencing enterprise architecture direction • Represent security architecture in design authority boards and technical review councils, advocating for risk-based security controls • Work with in-business IT customers, including application architects and engineers to evaluate application software and infrastructure designs, for the purpose of defining/designing application controls aligned with enterprise standards • Define application-specific security control architectures and produce design artifacts to guide secure implementation of business-critical systems • Develop re-usable implementation guidance and design patterns based on previous engagements to scale the service • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks in the infrastructure and applications • Act as a security architecture liaison to IT delivery and engineering teams, embedding security principles into technical delivery and architecture review forums • Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions • Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies • Establish collaborative working relations with the Information Technology functions to ensure that solutions align with security architecture and business strategy • Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned • Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed • Research and assess new information security threats and recommend remedial actions • Foster an information security culture through education, skill development, and implementation of effective information security processes and practices • Understand and adhere to corporate standards regarding applicable Corporate and Divisional Policies, including code of conduct, safety, GxP compliance, data security, and the software development lifecycle • Matures and leverages relationships with affiliates, subsidiaries, vendors, and industry peers in accordance with AbbVie Values, Vendor Management Office, and Purchasing to further the mission, vision, and goals of the organization • Design the security architecture for applications, ensuring all components meet best practices and regulatory compliance • Work closely with software development, DevOps, and operations teams to integrate security into the software development lifecycle (SDLC) • Lead efforts in identifying potential threats through application threat modeling and propose design changes to mitigate risks

• Define reusable security architecture patterns and guardrails to enable consistent, secure implementation across high-risk business applications. • Drive secure-by-design initiatives by integrating security considerations early in the software architecture lifecycle and influencing enterprise architecture direction. • Represent security architecture in design authority boards and technical review councils, advocating for risk-based security controls. • Work with in-business IT customers, including application architects and engineers to evaluate application software and infrastructure designs, for the purpose of defining/designing application controls aligned with enterprise standards. • Define application-specific security control architectures and produce design artifacts to guide secure implementation of business-critical systems. • Develop re-usable implementation guidance and design patterns based on previous engagements to scale the service. • Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks in the infrastructure and applications. • Act as a security architecture liaison to IT delivery and engineering teams, embedding security principles into technical delivery and architecture review forums. • Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions. • Research, evaluate, design, test, recommend and plan the implementation of new or updated information security technologies. • Establish collaborative working relations with IT functions to ensure that solutions align with security architecture and business strategy. • Play an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned. • Complete remediation activities and initiate actions to ensure that compliance and security gaps are successfully addressed. • Research and assess new information security threats and recommend remedial actions. • Foster an information security culture through education, skill development, and implementation of effective information security processes and practices.