Associate Director Cybersecurity Threat intelligence and Forensic

Are you experienced in, and passionate about IT leadership? Consider applying your expertise to impact the delivery of innovative business solutions to build maximum competitive advantage in a company that follows the science and turns ideas into life changing medicines? AstraZeneca might be the one for you!

At AstraZeneca, we put patients first and strive to meet their unmet needs worldwide. Working here means being daring, thinking big and working together to make the impossible a reality. If you are swift to action, confident to lead, willing to collaborate, and curious about what science can do, then you’re our kind of person.

ABOUT THE ENTERPRISE TECHNOLOGY SERVICES TEAM

The Enterprise Technology Services (ETS) team is accountable for all Infrastructure, Security, IT Operations and all End User Services and technologies. This group will ensure that our IT Services are seamless and secure, and that technology is delivered in an efficient, effective, and agile way, with a solid focus on experience. It’s a dynamic and exciting environment to work in – but that’s why we like it. There are countless opportunities to learn and grow, whether that’s exploring new technologies in hackathons, or transforming the roles and work of colleagues, forever. This is your chance to be part of a team that has the backing to innovate, disrupt an industry and change lives.

JOB ROLE

We’re looking for IT security experts that can help us on the journey through this challenging and ever-changing technology landscape. Individuals who:

• Understand that security is a journey and not a destination. Cyber Security is not something that can be “fixed”, and we instead need to focus on innovation to maintain sustainable risk position against the evolving threat landscape.
• Understand that we can’t just buy our way out of a Cyber Security problem. Technology may win the battle, but it won’t win the war.
• Understand that Cyber Security is not just dealing with individual hackers. We are potentially working against state-sponsored attacks and multi-billion-dollar organized crime syndicates.
• Understand attackers, their motivations, and their ways of working to be able to get ahead and keep ahead of them.

KEY RESPONSIBILITIES

• You will be responsible for leading a team and providing management, leadership and oversight of the internally delivered Cyber Security intelligence and Forensic service.
• Provide cyber risk and threat identification by proactively and continuously monitoring the internal and external landscape for relevant events, risks and threats related to malicious code, vulnerabilities and attacks
• Ownership of threat intelligence monitoring tool services, contracts and relationships
• Recommend mitigation Tactics Techniques and Procedures (TTPs) for identifying malicious logic within the environment
• Maintain current knowledge of tools and best-practices in advanced persistent threats
• Regularly developing and producing succinct written intelligence reports constructed from technical analysis and collected threat information
• Tracking potential threats associated with attempted intrusions, network & host-based attacks, and coordinating incident response efforts with cyber security teams
• Creating threat assessments to understand relevance to the enterprise along with potential impact
• Produce Threat Intelligence Reports, providing detailed analysis on cyber events, including relevant political, economic and geopolitical variables
• Collaborate with external entities and authorities to collect and share Indicators of Compromise (IoC) and discovered intelligence
• Develop and distribute situational activity reports on existing and newly discovered vulnerabilities within and without the organization, as applicable
• Collaborate with the Incident Response team for the investigation and remediation of identified threats
• Watching the internet plus other sources for emerging threats
• Investigating materials or data associated with AstraZeneca on the Internet
• Analyze digital evidence and investigate computer security incidents to derive useful information in support of an ongoing investigation
• Reviewing digital evidence and identifying possible lines of investigation for further analysis
• Collecting and preserving evidence from computer systems in accordance with legal standards
• Creating a detailed chain of custody for all evidence collected during an investigation
• Performing forensic analysis on computer hardware, software, and operating systems to recover evidence and timelines.

ESSENTIAL EXPERIENCE

• Extensive experience working in Security, in a complex, multinational, corporate environment (10+ years)
• Proven experience leading a cyber security team
• Security clearance in US or UK
• A deep understanding of various security technologies and controls
• Demonstrate a detailed understanding of Cyber security
• Deep understanding of Threat intelligence and Forensic methodologies and tools
• Experience conducting Cyber Security forensic investigations
• Host analysis experience with Forensics tools
• A relevant technical degree, competence or equivalent (CISSP, CISM, CCSP) and competence to lead various Security initiatives
• The role will manage people and advise the work of others
• Excellent problem solving and fix skills, autonomous working, direction and goal setting
• Strong written and verbal communication skills along with the proven ability to communicate sophisticated, technical information to both technical and non-technical audiences
• Be valued and respected for collaboration, integrity and enablement
• Experienced in developing and leading innovative solutions and “thinking outside of the box”
• Ability to analyze sophisticated situations, assessing risks and balancing strategic and tactical Security requirements with business pragmatism, risk appetite and innovation
• Ability to prioritize, re-schedule and adapt to changes in a dynamic environment
• Excellent discernment with sensitivity to environment
• Experience working in a global organization where customers and team members are geographically dispersed.

KEY RELATIONSHIPS

• IT Operational teams
• AZ business risk / security teams
• Procurement
• Finance
• Internal audit teams
• IT & Global Compliance teams

Education Requirements

• Bachelor's Degree in Technology Related Discipline Required

WHY JOIN IT?

We’re a network of entrepreneurial self-starters who chip in to something far bigger. There’s a diversity of expertise in our Technology group that’s unique to AstraZeneca – it allows us to dive deep into exploring new groundbreaking technology. We enable AstraZeneca to perform at its peak by delivering world-class technology and data solutions. Our work unlocks the potential of science. We optimize and evolutionise AstraZeneca by improving efficiencies and finding new ways to drive productivity. From automation to data simplification. We’re not afraid to take ownership and run with it. Empowered with unrivaled freedom. A place to be open and visible – we speak up, think creatively and share ideas. Our diverse contributions help us to make better decisions. But we have a constant drive to innovate, and an appreciation for high standards. It takes challenging the status quo to make valuable contributions in our ever-evolving environment. We love it here because put simply, we make a relevant impact.

Technology at AstraZeneca is a home for purposeful disruptors!

So, what’s next!

Are you already envisioning yourself joining an inclusive environment? Good, because we can’t wait to hear from you.

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and team with varied strengths representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We align with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.

AstraZeneca requires all US employees to be fully vaccinated for COVID-19 but will consider requests for reasonable accommodations as required by applicable law.

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.

AstraZeneca requires all US employees to be fully vaccinated for COVID-19 but will consider requests for reasonable accommodations as required by applicable law.