Skip to main content
SEARCH ROLES

Search roles

Lead Consultant - Cybersecurity Remediation Engineer

Location Zapopan, Jalisco, Mexico Job ID R-225036 Date posted 21/04/2025
Apply

Job Title: Lead Consultant - Cybersecurity Remediation Engineer

Location: Guadalajara, Jalisco

Work Scheme: Hybrid

Introduction to the Role

We are seeking a detail-oriented and analytical Risk Remediation Engineer to join our growing team. In this critical role, you will analyze findings from penetration tests and other security assessments, conduct thorough root cause analyses, and drive the remediation process. Collaborating closely with subject matter experts (SMEs) across various technology teams, you will identify and implement effective steps to address technical risks. Furthermore, you will contribute to the ongoing enhancement of our risk management program by tracking metrics, key performance indicators (KPIs), and reporting on remediation progress.

Accountabilities

  • Findings Analysis & Root Cause Analysis: Review penetration test findings, dissect vulnerabilities, and conduct root cause analyses to comprehend underlying issues. Identify the most effective remediation steps for each vulnerability.

  • Collaboration with SMEs: Partner with SMEs from IT teams (e.g., network, development, infrastructure, applications, cloud, SaaS, security) to develop and implement remediation solutions addressing identified risks.

  • Remediation Solutioning & Deployment: Architect, design, and deploy risk remediation solutions based on analysis, ensuring alignment with organizational security requirements and best practices.

  • Risk Mitigation & Trade-off Analysis: Assess and evaluate alternative solutions, considering trade-offs related to risk, cost, implementation time, and business impact.

  • Continuous Program Improvement: Aid in evolving the risk remediation program by tracking key metrics and KPIs. Document and report on remediation efforts to ensure program improvement.

  • Compliance & Reporting: Ensure remediation activities comply with industry standards, regulations, and best practices (e.g., NIST, ISO). Produce detailed stakeholder reports on remediation progress and outcomes.

  • Stakeholder Communication: Communicate risk findings, remediation strategies, and status updates effectively to technical and non-technical stakeholders across the organization.

Essential Skills/Experience

  • Technical depth to understand findings, identify root causes, and design remediations.

  • Proven experience in risk analysis, vulnerability management, and/or IT security.

  • Strong experience in penetration test result analysis and root cause identification.

  • Familiarity with common penetration testing tools and techniques.

  • Ability to work cross-functionally with IT teams to design and implement remediation solutions.

  • Strong problem-solving skills with the ability to develop actionable remediation strategies.

  • Experience in risk assessment, mitigation, and management, with knowledge of risk management frameworks and best practices.

  • Proficiency in documenting metrics, KPIs, and remediation progress for continuous program improvement.

  • Knowledge of security standards and frameworks (e.g., NIST, ISO, SOC 2).

  • Strong communication skills, both written and verbal, to explain technical issues to non-technical stakeholders.

Desirable Skills/Experience

  • Experience with attack chains and ability to quantify risk based on other security controls.

  • Experience with security tools and technologies.

  • Familiarity with cloud environments and security practices (AWS, Azure, GCP).

  • Experience in automation and scripting.

  • Expertise in data analytics or reporting tools (e.g., Power BI, Tableau, Excel).

When we put unexpected teams in the same room, we spark ambitious thinking with the power to inspire life-changing medicines. In-person working gives us the platform we need to connect, work at pace and challenge perceptions. That's why we work, on average, a minimum of three days per week from the office. But that doesn't mean we're not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and high-reaching world.

Play your part in supplying to a business truly dedicated to its purpose and patients. United by a shared connection and commitment, we can see how everything we do adds up to a bigger impact on patients and society. Working for an enterprise at the forefront of science brings a huge sense of pride in our potential to transform lives.

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.

50200043 E ITCS Operations
Apply

We’ll keep you up to date

Sign up to be the first to receive job updates

Interested InPlease select a category or location option. Click “Add” to create your job alert.

By signing up, I acknowledge I have read the AstraZeneca privacy policy, and I wish to receive email communications and SMS communications. I understand I can opt-out from receiving email and SMS communications at any time.

Glassdoor logo Rated four stars on Glassdoor

Great culture, great work assignments, supportive management. Rotation opportunity within the company. They value inclusion and diversity.

see our latest Glassdoor reviews here