Application & Platform Security Architect

AbbVie

Information Security Architect at AbbVie focused on application and platform security practices. Collaborating with IT teams to define and implement comprehensive security programs.

Posted 6/27/2026full-timeRemote • 🇺🇸 United StatesSeniorLead💰 $141,500 - $268,500 per yearWebsite

Tech Stack

Tools & technologies

AWSAzureCloudDockerGoogle Cloud PlatformKubernetes

About the role

Key responsibilities & impact

Define reusable security architecture patterns and guardrails to enable consistent, secure implementation across high-risk business applications.
Drive secure-by-design initiatives by integrating security considerations early in the software architecture lifecycle and influencing enterprise architecture direction.
Represent security architecture in design authority boards and technical review councils, advocating for risk-based security controls.
Work with in-business IT customers, including application architects and engineers to evaluate application software and infrastructure designs, for the purpose of defining/designing application controls aligned with enterprise standards.
Define application-specific security control architectures and produce design artifacts to guide secure implementation of business-critical systems.
Develop re-usable implementation guidance and design patterns based on previous engagements to scale the service.
Work with information security leadership to develop strategies and plans to enforce security requirements and address identified risks in the infrastructure and applications.
Act as a security architecture liaison to IT delivery and engineering teams, embedding security principles into technical delivery and architecture review forums.
Support security aspects of business & IT initiatives by assisting in architecture, design, implementation, deployment, and operational transition of innovative & secure technology solutions.

Requirements

What you’ll need

Bachelor’s degree and 9 years of experience OR Master’s Degree and 8 years of experience OR PhD and 4 years of experience in information security and/or related functions (IT Audit, Risk Management or Security Architecture).
Must have demonstrated exceptional ability to assess and communicate information security concepts and practices, with both business and IT stakeholders.
Requires in-depth knowledge of the systems development life cycle, client area’s functions and systems, and systems applications programs development technological alternatives.
Proven implementation of creative technology solutions that advance the business.
Strong understanding of application security principles, including OWASP Top 10, SANS/CWE Top 25, and secure coding practices.
Expertise in secure session management, token handling, and authentication mechanisms (OAuth, SAML, OpenID Connect).
Knowledge of cryptographic practices, encryption protocols, and PKI management.
Experience with containerization (Docker, Kubernetes) and cloud platforms (AWS, Azure, GCP).
Familiarity with tools for code analysis (e.g., SonarQube, Veracode) and vulnerability scanning (e.g., Burp Suite, Nessus).
Understanding of DevSecOps practices, including securing CI/CD pipelines.

Benefits

Comp & perks

Paid time off (vacation, holidays, sick)
medical/dental/vision insurance
401(k) to eligible employees
long-term incentive programs

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

information securitysecurity architectureapplication security principlessecure coding practicessecure session managementtoken handlingauthentication mechanismscryptographic practicesencryption protocolsDevSecOps practices

Soft Skills

communicationcollaborationinfluencingadvocacyproblem-solvingstrategic planningrisk assessmentstakeholder engagementtechnical leadershipguidance development