Senior Manager – External Identity (CIAM) Cyber Security

Job Title: Senior Manager – External Identity (CIAM) Cyber Security

GCL: E

Introduction to role:

Are you ready to build trusted external authentication solutions that keep our partners, suppliers, and patients secure while enabling breakthrough science at speed? Do you see yourself leading CIAM at global scale, where robust assurance and streamlined user journeys unlock collaboration across the healthcare ecosystem?

In this role, you will drive the evolution of external identity across critical platforms, safeguarding access and data for our extended network while improving how people connect to our services. You will be responsible for the charge on reliability, security posture, and user experience for B2B today and B2C tomorrow, orchestrating end-to-end delivery and measurable outcomes across registration, authentication, federation, and governance.

You will join an inclusive, multi-functional community that pairs pioneering technology with adventurous thinking. Here, a diverse group of minds works together to simplify sophisticated challenges. They develop robust networks of trust and operating models. These help our scientists and partners move faster and more authoritatively to impact patients. lives.

Accountabilities:

• Service Assurance and Reliability: Own CIAM service assurance by defining and supervising performance against SLAs/SLOs and happiness measures; lead regular reviews of registration and activation flows, authentication success rates, federation trust health, and operational controls; drive measurable improvements to system dependability, protection standards, and customer interactions.
• Oversight of service management and guidelines: Take charge of handling service operations and policies connected to onboarding, identity verification/proofing (where applicable), federation setup, credential lifecycle, consent and data privacy controls, incident and major incident handling, and critical incident resolution; guarantee effective change, configuration, release, and access governance aligned to standards.
• Customer Partnership and Road-mapping: Collaborate with application owners and business collaborators to bring together trust and assurance requirements; translate them into a prioritized CIAM roadmap for integrations across internal and SaaS platforms (for example ServiceNow, Veeva Vault, and Exostar); balance single-IdP and multi-IdP constraints and make clear, risk-based decisions.
• Architecture and Federation Design: Work across Directory Services, Network, Cloud, Security Engineering, Enterprise Architecture, Data Privacy, and Compliance to design and deliver secure trust pathways and federation patterns to and from Microsoft Entra for workforce and third party IdPs; ensure designs are auditable end-to-end.
• End-to-End Delivery Leadership: Lead end-to-end delivery for CIAM initiatives, spanning requirements, reference architecture, solution design, configuration and policy, directory schema and claims/attribute strategy, CI/CD automation, testing, cutover, migration, and steady-state operations.
• Privileged Access Management: Define and operate privileged access patterns for third party service providers, enabling secure remote access, session monitoring, and least privilege role models.
• Define and carry out strong authentication and authorization rules for users outside the organization. Include MFA, SSO, and role or permission models.
• Ensure periodic access reviews and segregation-of-duties checks happen where applicable. Collect audit evidence as part of the process.
• Continuous Improvement: Drive continuous improvement through standards, processes, and SLAs, improving security, robustness, and efficiency while reducing friction in user journeys.
• Manage Service Improvement Plans after major identity incidents like degraded login, token issuance failures, or federation breakage.
• Drive progress on the roadmap for modern features. These features include multifaceted authentication methods complemented by passkeys and WebAuthn protocols, supporting the planned expansion from B2B into B2C use cases.
• Threat Detection and Incident Response Integration: Integrate CIAM operations with broader Cyber Security functions to strengthen threat detection, incident response, and risk management for external identities; partner with SOC/CSIRT, Threat Intelligence, and Security Engineering to onboard and correlate CIAM telemetry in approved SIEM/SOAR platforms; define detections and playbooks for identity charges; lead joint triage and containment activities during incidents.
• Work with GRC/Risk to keep CIAM-related risks updated in the risk register. Define and report critical and important metrics. Support control testing and audit evidence. Ensure third-party and application integrations meet external identity security requirements. Perform periodic assessments, threat modeling, and remediation tracking.
• Resilience and Recovery: Ensure systems have durability and restoration measures in place, including configuration backup, runbooks, failover readiness, and disaster recovery testing aligned to availability requirements.
• Knowledge Management and Standards: Maintain CIAM reference architectures, integration patterns (B2B now, B2C-ready), and service catalog content as a single source of truth for engineering teams and consumers.

Essential Skills/Experience:

• Candidates typically hold over 12 years of expertise in handling digital identities and access controls, particularly concentrating on customer identity and access management. They possess a history of providing and managing solutions within large organizations.

• Shown leader of large, sophisticated programs—able to set direction, make risk‑based decisions, and advise senior leaders on identity posture, vendor/platform selection, and migration strategy.

• They can evaluate solution options and select appropriate approaches based on security, scalability, user experience, and operational fit.

• They have a demonstrable record producing and communicating reference architectures. They drive adoption across engineering and architecture communities. They also have experience running research and proof-of-concepts in modern CIAM capabilities like adaptive authentication and passkeys/WebAuthn.

• They have shown people management capability, including coaching, performance management, and establishing team capability over time.

Desirable skills/experience

• Experience leading B2B CIAM services that include federation setup, trust pathways, partner onboarding models, delegated administration, and strong operational governance is helpful, with the ability to evolve those foundations toward B2C requirements such as higher-volume registration/login journeys, consent and privacy considerations, and experience-focused authentication recovery patterns.

• Deep knowledge of Microsoft Entra External Identities (formerly Microsoft Entra B2B) and secure integration patterns to workforce and third‑party IdPs is beneficial, as is practical experience with integrations such as ServiceNow Risk Manager, Veeva ID, and Exostar.

• Proficiency in infrastructure-as-code and configuration-as-code (for example Terraform and Ansible) and CI/CD governance for identity changes is a plus, along with experience delivering low/zero-downtime migrations between identity platforms.

Why AstraZeneca:

You’ll help build the identity backbone that enables global teamwork—combining digital platforms with scientific ambition to deliver real impact for patients.

We unite diverse expertise, partner widely, and move at the pace of a data‑led enterprise. It’s a place to own outcomes, experiment with leading tech, and keep learning in a supportive, candid culture—where your decisions drive the business and unlock the potential of science

Call to Action:

Step into a high-impact leadership role and help create secure, detailed external identity experiences that accelerate our mission—make your mark today!

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform crucial job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Date Posted

Closing Date

AstraZeneca embraces diversity and equality of opportunity.  We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills.  We believe that the more inclusive we are, the better our work will be.  We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics.  We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.