Security Operations Lead

Are you ready to be part of the future of healthcare? Are you able to think big, be bold, and harness the power of digital and AI to tackle longstanding life sciences challenges?  Then Evinova, a new health tech business part of the AstraZeneca Group might be for you!   

Transform billions of patients’ lives through technology, data and cutting-edge ways of working. You’re disruptive, decisive and transformative. Someone who’s excited to use technology to improve patients’ health. We’re building a new healthtech business – Evinova, a fully-owned subsidiary of AstraZeneca Group.

We are now hiring a Security Operations Lead to join the Cyber Security team.

Evinova delivers market-leading digital health solutions that are science-based, evidence-led, and human experience-driven. Thoughtful risks and quick decisions come together to accelerate innovation across the life sciences sector. Be part of a diverse team that pushes the boundaries of science by digitally empowering a deeper understanding of the patients we’re helping. Launch pioneering digital solutions that improve the patients’ experience and deliver better health outcomes. Together, we have the opportunity to combine deep scientific expertise with digital and artificial intelligence to serve the wider healthcare community and create new standards across the sector.

The Security Operations Lead role presents a unique opportunity to join Evinova from the beginning and implementing innovative cyber security practices that are designed by industry, for industry. The Security Operations Lead, reporting to the Evinova Head of Cyber Security, will be focused on leading and maturing Evinova’s capabilities in the areas of threat detection, intelligence, defense, and response – encompassing our enterprise infrastructure and external customer facing digital solutions.

This role will collaborate closely with platform and product engineering teams to ensure adequate coverage is achieved for our threat detection and vulnerability management processes. The ideal candidate will have a strong understanding of security operations best practices, especially in the cloud-native context, and be an excellent communicator with non-security focused colleagues. The role will provide ample opportunities for program ownership, increased levels of accountability, and significant visibility with business leaders (e.g., CTO organization, Legal, Finance, HR, etc.).

Additionally, this role will closely collaborate with globally dispersed technology teams – enabling excellent opportunities for professional development across technology domains and international geographies. Success in this role includes leading by influence, exhibiting strong emotional intelligence, and a natural disposition towards precision and accuracy. The ideal candidate will think holistically and proactively deliver on strategic initiatives to leverage next generation security solutions and providers.  

Key responsibilities include:

• Develop and maintain a comprehensive Evinova security operations program, encompassing the areas of threat detection, analysis and response; threat intelligence; vulnerability management; security tools and technologies; log management and analysis; network security monitoring and segmentation; cloud posture monitoring, compliance monitoring / auditing, and operational resilience.
• Maintain relevant security operations related policies, procedures, and standards to establish clear and actionable guidelines for related controls, monitoring objectives, and incident response protocols. Ensuring the security operations activities are aligned to and compliant with leading practices, regulatory requirements, and end customer expectations.
• Partnering with the Cyber Architecture Lead and Product Security Engineering Lead to define and operate a portfolio of scalable and fit for purpose security tools and services.
• Establish and maintain metrics reports to evidence Security Operations trends – in collaboration with the Cyber Governance, Risk, and Compliance Lead.
• Maintain day-to-day oversight of outsourced / managed security service providers and their achievement of security operations relevant Service Level Agreement (SLA) and Key Performance Indicator (KPI) targets. Serving as the primary focal point for security operations, incident management, and compliance reporting capabilities.
• Develop and maintain Evinova-wide cyber security incident response plans and procedures to ensure conformity with relevant standards / regulatory requirements, and end customer expectations for incident response timelines and reporting.
• Lead security incident investigations and coordinating response efforts to ensure adequate containment, risk-based prioritization, mitigation, and remediation of realized cyber risks. Develop post-incident briefings and lessons learned artifacts – contributing to the overall cyber program continuous improvement objectives.
• Support the Head of Cyber Security and Chief Technology Officer in conducting periodic tabletop exercises and cyber crisis simulations to ensure organizational preparedness for realized cyber risks.
• Support the Head of Cyber Security in the identification and evaluation of advanced threat detection technologies and techniques to enhance our holistic detection capabilities and proactively maintaining defenses against emerging cyber threats.
• Drive the operationalization of a comprehensive Evinova-wide vulnerability management program to ensure timely identification and assessment of technological vulnerabilities in our infrastructure and coordinating with the relevant teams to deploy patches and remediation activities to address identified vulnerabilities.
• Ensure optimal threat detection capability through frequent review of log sources / sensors, event correlation and detection logic, and overall health of the SIEM platform.
• Leverage external sources of Threat Intelligence (e.g., Service Providers, Memberships, IoC Feeds, Open Source Reporting, etc.) to proactively identify and assess threats that may impact Evinova, and producing insightful briefings to adjacent teams (e.g., incorporating TI into ways of working for engineers and product teams).
• Partnering with the adjacent cyber teams and platform / product teams to ensure seamless integration of security operations capabilities and insights sharing.

Minimum Qualifications:

• Bachelor’s degree in Technology, Computer Science, Engineering, or a related field.
• 6+ years of combined experience in Security Operations relevant domains such as Threat Detection and Analysis, Threat and Vulnerability Management, Network / Database / Endpoint / Application Security, Penetration Testing, Malware Decomposition, Event Analysis, Incident Response, Cyber Forensics, and Ethical Hacking. Cloud-protection and monitoring experience is strongly preferred.
• Prior experience providing Security Operations capabilities at a SaaS / cloud service provider.
• Expert knowledge on threat actors targeting the Healthtech sector and SaaS solution providers.
• Expert level understanding of SIEM platforms, detection logic, and overall security monitoring and response activities.
• Deep understanding of information security operations related frameworks, standards, indicators of compromise (IoCs) and adversarial tactics, techniques, and procedures (TTPs). Experience leveraging the MITRE ATT&CK framework is strongly preferred. 
• In-depth knowledge of key security technologies / concepts such as Network Intrusion Protection, Cloud Security, EDR, Firewalls, Privileged Access, Encryption, Data Protection, etc.
• Demonstrable experience delivering Security Operations capabilities in cloud-native (AWS preferred) environments.
• Demonstrable experience identifying and critically analyzing problems to determine root causes and driving transformational change.
• Well-versed in Security Orchestration, Automation, and Response (SOAR) solutions and their implementation.
• Experience deploying and operating vulnerability management scanning tools.
• Deep understanding of information security technologies, networking, and network architecture required – preferably in-depth exposure to Amazon Web Services and Microsoft Azure security concepts / services.
• Ability to make pragmatic decisions by analyzing highly complex situations, assessing risks and balancing strategic and tactical compliance/quality requirements.
• Ability to work independently in a fast-paced environment with a proven ability to manage competing priorities.
• Excellent written and verbal communication skills (English), project management, process improvement, attention to detail, and strategic thinking skills are highly preferred.
• At least one of the following professional certifications: Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), Certified Incident Handler (GCIH), AWS Certified Security, and / or Certified Ethical Hacker (CEH).

Desired Qualifications

• Master’s degree in Technology, Computer Science, Engineering or a related field

• Experience in providing Security Operations capabilities within a highly regulated sophisticated global business environment, particularly in the healthcare and / or clinical research industry. 
• Demonstrate initiative, strong customer orientation, and cross-cultural working

Why Evinova( AstraZeneca)?
Evinova draws on AstraZeneca’s deep experience developing novel therapeutics, informed by insights from thousands of patients and clinical researchers. Together, we can accelerate the delivery of life-changing medicines, improve the design and delivery of clinical trials for better patient experiences and outcomes, and think more holistically about patient care before, during and after treatment.  We know that regulators, healthcare professionals and care teams at clinical trial sites do not want a fragmented approach. They do not want a future where every pharmaceutical company provides their own, different digital solutions. They want solutions that work across the sector, simplify their workload and benefit patients broadly. By bringing our solutions to the wider healthcare community, we can help build more unified approaches to how we all develop and deploy digital technologies, better serving our teams, physicians and ultimately patients.  Evinova represents a unique opportunity to deliver meaningful outcomes with digital and AI to serve the wider healthcare community and create new standards for the sector. 

Join us on our journey of building a new kind of health tech business to reset expectations of what a bio-pharmaceutical company can be. This means we’re opening new ways to work, pioneering cutting edge methods and bringing unexpected teams together. Interested? Come and join our journey.

So what’s next?
Are you ready to bring new ideas and fresh thinking to the table? Brilliant! We have one seat available, and we hope it’s yours. Welcome with your application!

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.