Senior Director, Security Platform Engineering & Operations

Introduction to role

We want a senior cybersecurity leader to connect architecture engineering and operations. Their goal is to secure our cloud AI OT network and endpoint platforms across the globe. This role is crafted for someone who can lead through complexity raise maturity and help us build secure foundations that support innovation across AstraZeneca.

This role holds high-impact leadership responsibilities connected to AstraZenecas 2030 ambitions. You will lead the security platforms that support our digital transformation shaping strategy delivering resilient capabilities and turning policy into practical measurable controls. Reporting to theExecutive Director for Cybersecurity Architecture Engineering & Operations you will guide a globally distributed team of engineers and architects across theAmericas EMEA and APAC.

Accountabilities

Strategic Leadership and Architecture: Define and implement a multi-year strategy for developing and maintaining security infrastructure aligned to enterprise objectives. Own the functional engineering strategy and delivery horizon (1824 months with a 35 year vision). Chair the Cyber Design/Delivery Review Board to ensure cybersecurity alignment across transformation programs. Embed Trust by Design through secure patterns reference architectures and baseline configurations. Align activities to NIST CSF (Protect) and advance platform maturity beyond Tier 2 into Tier 3.

Platform Engineering and Operations:Govern the roadmap and lifecycle of core security platforms across cloud (e.g. Wiz GitGuardian Akeyless) network and OT (e.g. ClarOTy Proofpoint Zero Trust) endpoint (Microsoft Defender SIEM) and architecture tooling (Vectr Censys). Lead delivery of the Q3 2026 New SIEM program and drive the Security Copilot initiative. Operationalise Polaris/Sferical AI AstraZenecas sovereign AI datacenter in Sweden targeting go-live in May 2026. Engineer and implement enterprise infrastructure controls across OT network email and endpoint domains. Own cloud security policies baseline configurations and cloud compliance processes.

Risk Compliance and Consultative Services:Provide authoritative solution design consultations to major programs and business units including reference architecture reviews. Redesign the consultation model to be risk-based automated and enable rapid adoption. Assess and adjudicate exceptions to cloud and infrastructure standards; shape risk mitigation plans. Manage immediate and long-term risks to engineering continuity through cross-functional engagement. Maintain regulatory relationships and ensure compliance with IEC 62443 NIST 800-82 and AstraZenecas Security Policy Framework.

People Talent and Partnerships:Build mentor and inspire a high-performing globally distributed engineering organization. Develop leadership and specialist capabilities through coaching delegation and stretch assignments. Grow the talent pipeline with future-critical skills in AI/GenAI Zero Trust and cloud-native security. Maintain strategic vendor partnerships (Wiz Microsoft ClarOTy Proofpoint and others). Collaborate closely with adjacent technology and security teams and regional stakeholders to drive integration and alignment.

Financial Stewardship:Develop and manage budgets including capital plans for the Security Platform Engineering & Operations portfolio. Optimize resources and vendor engagements to deliver complex multi-program operations at global scale.

Essential Skills/Experience

Bachelors degree in Computer Science Computer Engineering Information Technology Information Systems or comparable specialisation.

15 years of Significant experience in modern software development security engineering and platform architecture.

Experience in agile/scrum environments and managing intricate security engineering initiatives.

Experience with cloud security platforms (e.g. Wiz AWS/Azure/GCP security tooling) and data security controls.

Substantial experience with AI/GenAI security capabilities and secure design for AI-enabled environments.

Experience deploying enterprise platforms (Docker SaaS cloud-native) including web and mobile security controls.

Experience with OT/ICS security standards (IEC 62443 NIST 800-82) and industrial security tools (e.g. ClarOTy).

Experience with SIEM endpoint network security and DLP tooling.

Familiarity with modern test management and vulnerability management tools (e.g. X-Ray for Jira Vectr Censys).

Leadership & Business Experience

Substantial experience leading sophisticated large-scale global IT/security engineering projects and programs.

Significant experience managing geographically dispersed teams across multiple regions and time zones.

Proven experience managing budgets vendors and resources for complex security engineering operations.

Experience managing managers and developing engineering leadership talent.

Experience co-working with cross-functional global leadership and senior stakeholders including C-suite.

Experience working in quality and compliance environments; application of policies procedures and guidelines.

Demonstrated experience anticipating assessing and managing project and security risk.

Experience driving large-scale change and transformation initiatives through and with distributed teams.

Strong communication influencing and stakeholder management skills across diverse internal and external audiences.

Desirable Skills/Experience

Advanced degree in a relevant field.

Professional certifications such as CISSP CCSP CISM or GIAC.

Hands-on leadership delivering SIEM transformations and endpoint modernization at global scale.

Proven success maturing NIST CSF Protect capabilities from Tier 2 to Tier 3 or higher.

Experience leading Zero Trust architectures and secure access modernization.

Deep familiarity with platforms referenced in this role (Wiz GitGuardian Akeyless Microsoft Defender Proofpoint ClarOTy Vectr Censys).

Experience standing up secure AI/GenAI platforms and/or sovereign AI datacenters.

Background in regulated industries with complex compliance requirements (e.g. life sciences manufacturing).

Demonstrated use of metrics and OKRs to drive platform performance and risk reduction.

Strong DevSecOps practices in agile environments and experience with cloud-native security controls across multiple public clouds.

Why AstraZeneca

This is a chance to lead work that protects the technology behind our science and helps accelerate innovation for patients. You will work at global scale with modern platforms complex challenges and the support to make an impact

We want people who are curious practical collaborative and ready to keep learning. We value agrowth mindsetover a fixed mindset and we look for leaders who build strong teams welcome challenge and help others succeed!

Inclusion and Equal Opportunity

AstraZeneca is anequal opportunity employer. We are committed to building an inclusive environment where everyone feels respected supported and able to contribute. We welcome applications from people of all backgrounds experiences and perspectives.

Date Posted

Closing Date

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds with as wide a range of perspectives as possible and harnessing industry-leading skills. We believe that the more inclusive we are the better our work will be. We welcome and consider applications to join our team from all qualified candidates regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment) as well as work authorization and employment eligibility verification requirements.