Cybersecurity Director - Product Security Solutions

Leverage technology to impact patients and ultimately save lives.

Do you have expertise in and passion for cyber security Would you like to apply your expertise to impact the product security in a company that follows the science and turns ideas into life changing medicines If so AstraZeneca might be the one for you!

About AstraZeneca

AstraZeneca is a global scienceled patientfocused biopharmaceutical company that focuses on the discovery development and commercialization of prescription medicines for some of the worlds most serious disease. But we are more than one of the worlds leading pharmaceutical companies. At AstraZeneca we are dedicated to being a Great Place to Work.

About our Team

It is a dynamic and performancebased environment to work in but thats why we like it. There are countless opportunities to learn and grow whether thats exploring new technologies in hackathons or redefining the roles and work of colleagues forever. Craft your own path with support all the way. A diverse set of minds that work crossfunctionally and broadly together.

Introduction to role

Our increased focus on Digital AI & ML Data & Data Science along with joint ventures and collaboration with third parties are crafting new opportunities within the Cyber Security team. We are looking for an experienced and strategic Product Security Leader to join our diverse team. In this role you will be responsible for shaping the overall security strategy for our products ensuring the secure design development and deployment across the entire product lifecycle. You will help streamline the current product security efforts across various product teams build the core product security team collaborate with engineering development and crossfunctional teams and drive security initiatives across all stages of product development.

The ideal candidate will have a strong background in system development lifecycle software or product development experience software security threat modeling and a proven track record of building scalable security programs in a fastpaced innovationdriven environment. This role requires both technical expertise and leadership skills to influence product design decisions and create a securebydesign culture.

Accountabilities

Collaboration: Partner with product development engineering DevOps and other teams to identify security requirements influence design decisions and ensure security best practices are followed throughout the development lifecycle.

Develop and Lead Product Security Strategy and roadmap for target product domains: Lead the vision roadmap engineering and execution of the product security strategy ensuring the development of trustbydesign products and services.

Product Vulnerability Management: Collaborate with product teams and be responsible for the identification prioritization and mitigation of security vulnerabilities and issues. Lead and coordinate efforts for secure code reviews threat modeling penetration testing and vulnerability assessments.

Risk Management: Assess security risks across product portfolios and recommend remediation strategies while balancing business and technical needs.

Secure Development Lifecycle (SDL): Implement and carry out secure development lifecycle practices including tooling ensuring products are designed and developed with security built in.

Training and Awareness: Lead initiatives to increase security awareness and knowledge among engineers and product teams through training workshops and the development of security resources.

Compliance: Ensure adherence to relevant regulatory requirements and industry best practices related to product security (e.g. GDPR SOC2 OWASP etc.).

Leadership: Build mentor and lead a highperforming product security team. Cultivate a culture of security excellence and innovation.

Essential Skills/Experience:

• Bachelors degree in Computer Science Information Security or a related field (or equivalent experience).

• 8 years of experience in security with at least 3 years in a leadership role focusing on product or software security.

• Expertise in secure software development application security threat modeling vulnerability management and penetration testing.

• Strong understanding of common security threats (e.g. OWASP Top 10) attack vectors and mitigation strategies.

• Indepth knowledge of DevSecOps security tools and techniques for code analysis vulnerability scanning and risk assessment.

• Experience working with crossfunctional teams especially product management engineering and operations to integrate security into the product lifecycle.

• Strong problemsolving and analytical skills with the ability to translate technical concepts to business leaders and nontechnical team members.

• Excellent interpersonal skills both written and verbal with the ability to clearly convey complex security topics to a wide audience.

Desirable Skills/Experience

• Masters degree in Information Security Computer Science or a related field.

• Industry certifications such as CISSP CISM or CEH.

• Handson experience with security frameworks tools and methodologies (e.g. SAST DAST threat modeling etc.).

• Familiarity with cloud security and DevSecOps practices.

• Experience leading security initiatives in agile and fastpaced development environments.

• Knowledge of industry standards and regulations (e.g. ISO 27001 NIST SOC2).

The annual base pay for this position ranges from 160313..40 USD Annual (80% 120%). Hourly and salaried nonexempt employees will also be paid overtime pay when working qualifying overtime hours. Base pay offered may vary depending on multiple individualized factors including market location jobrelated knowledge skills and experience. In addition our positions offer a shortterm incentive bonus opportunity; eligibility to participate in our equitybased longterm incentive program (salaried roles) to receive a retirement contribution (hourly roles) and commission payment eligibility (sales roles). Benefits offered included a qualified retirement program 401(k) plan; paid vacation and holidays; paid leaves; and health benefits including medical prescription drug dental and vision coverage in accordance with the terms and conditions of the applicable plans. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired employee will be in an atwill position and the Company reserves the right to modify base pay (as well as any other discretionary payment or compensation program) at any time including for reasons related to individual performance Company or individual department/team performance and market factors.

When we put unexpected teams in the same room we spark bold thinking with the power to inspire lifechanging medicines. Inperson working gives us the platform we need to connect work at pace and challenge perceptions. Thats why we work on average a minimum of three days per week from the office. But that doesnt mean were not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our unique and ambitious world.

Join a team with the backing and investment to win! Youll be working with cuttingedge technology. This marriage between our purposeful work and the use of hightech platforms is what sets us apart. Own the way in digital healthcare. From exploring data and AI to working in the cloud on new technologies. Join a team at the forefront. Help shape and define the technologies of the future with the backing you need from across the business.

Ready to make an impact Apply now!