Cyber Security Assurance Specialist

Cyber Security Assurance Specialist

About the AstraZeneca

AstraZeneca is a global, innovation-driven biopharmaceutical business that focuses on the discovery, development, and commercialization of prescription medicines for some of the world's most serious diseases. But we're more than one of the world's leading pharmaceutical companies. 

At AstraZeneca, we're proud to have a unique workplace culture that inspires innovation and collaboration. Here, employees are empowered to express diverse perspectives - and are made to feel valued, energized and rewarded for their ideas and creativity. 

About the team

Enterprise Technology Services (ETS) are a global team that are accountable for many of the IT tools and services that directly contribute to the effectiveness of our AstraZeneca colleagues.

We partner locally in more than 60 global business sites for service delivery and IT experience and are accountable for all infrastructure, cybersecurity, IT operations and End User services and technologies.

ETS also manages many of the large IT contracts at AZ, as well as partnering with large organisations on behalf of AZ to deliver value and innovation through new and existing capabilities and services.

About The role

As a Cyber Security Assurance Manager, you will be part of AstraZeneca’s Cyber Security Governance organization. You will assess the security of IT solutions, 3rd Parties and Web Services against AZ standards and security framework controls to identify any risk and support the remediation processes to improve the security of the service. You will collaborate with Business, Solution Delivery, Architecture, Engineering, Quality and GRC (Governance, Risk & Compliance) functions across a global organization spanning US, UK, Sweden, China, Japan, Mexico, India and beyond.

The Cyber Security Assurance Specialistwill be accountable for:

• Perform cyber security assessments of suppliers, IT solutions, software, and data transfer processes.
• Drive continuous improvement of security assurance processes by analyzing and identifying innovative ways to simplify processes while maintaining a security by-design mindset and improving user experience.
• Conduct security architectural reviews throughout the project and solutions design lifecycle to identify and address potential security issues.
• Keep up with the latest security trends and technologies considered for secure solution design to ensure the organization remains ahead of emerging threats.
• Help drive awareness of security principles, policies, standards, and governance through the security solution review processes to foster a culture of security awareness within the organization.
• Act as an advocate for Cyber Security within AstraZeneca, internally within IT and to the wider business to ensure Security standards are understood and adopted at all levels.

Requirements

Essential

• Must have 7+ years of direct experience in Cyber Security
• Proven experience with securing networks, systems, and applications.
• A deep understanding of Security Architecture and technologies, including firewalls, proxies, SIEM (Security Information and Event Management), antivirus software, and DLPs (Data Loss Prevention).
• Experience with security protocols, cryptography, authentication, authorization, and network security implementations.
• Working knowledge of common attack techniques and their remediation/defense including DoS, DDoS, Social engineering, Virus, Malware, Vulnerability exploitation, Phishing & Spear Phishing, Worms, Trojans, Rootkits, Ransomware, XSS, SQL Injection, Remote Command Execution, Session Hijacking, etc
• Process analysis and improvement.
• Ability to carry out reviews, analysis and assessments for different technologies and applications.
• Security Architecture and solution design.
• Ability to think critically and innovatively about keeping data safe within a solution while still allowing the business to operate and grow.
• Ability to prioritise and validate the threats that really matter.
• Able to collaborate across multiple teams spanning many geographic regions.
• Excellent written and oral communication skills

Desirable

• Knowledge of risk assessment tools, technologies, and methods.
• Exposure to Cyber Security Frameworks and regulations.
• Experience working closely with Governance, Risk and Compliance functions.
• Knowledge of Enterprise Architecture.
• Knowledge of Cloud Security and Architecture.
• Professional Security Certifications such as CISSP, CRISC, CISM, etc.
• Cloud Security and solution design
• Development of security policies, standards, and procedures
• Knowledge about emerging technologies (OpenAI, GenAI)

Why AstraZeneca?

At AstraZeneca when we see an opportunity for change, we seize it and make it happen, because any opportunity no matter how small, can be the start of something big. Delivering life-changing medicines is about being entrepreneurial - finding those moments and recognising their potential. Join us on our journey of building a new kind of organisation to reset expectations of what a bio-pharmaceutical company can be. This means we’re opening new ways to work, pioneering cutting edge methods and bringing unexpected teams together.

Interested? Come and join our journey.

So, what’s next!

Are you already imagining yourself joining our team? Good, because we can’t wait to hear from you.

Where can I find out more?

Our Social Media:

Follow AstraZeneca on LinkedIn https://www.linkedin.com/company/1603/

Follow AstraZeneca on Facebook https://www.facebook.com/astrazenecacareers/

Follow AstraZeneca on Instagram https://www.instagram.com/astrazeneca_careers/?hl=en

AstraZeneca is an equal opportunity employer.

AstraZeneca will consider all qualified applicants for employment without discrimination on grounds of disability, sex or sexual orientation, pregnancy or maternity leave status, race or national or ethnic origin, age, religion or belief, gender identity or re-assignment, marital or civil partnership status, protected veteran status (if applicable) or any other characteristic protected by law. AstraZeneca only employs individuals with the right to work in the country/ies where the role is advertised.

📌Strong English communication skills required.

📌 Positions are open to Mexican Citizens and official residents of Mexico.

📍 Location: Guadalajara (hybrid - Expectation of working in the office 3 days a week)
When we put unexpected teams in the same room, we unleash bold thinking with the power to inspire life-changing medicines. In-person working give us the platform we need to connect, work at pace and challenge perceptions. That’s why we work, on average, a minimum of three days per week from the office. But that doesn’t mean we’re not flexible. We balance the expectation of being in the office while respecting individual flexibility.

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.