Astellas Pharma Global Lead, Information Security Strategy & Architecture in Northbrook, Illinois
Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong at Astellas!
Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com .
This position is based in Northbrook, Illinois. Remote work from certain states may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines. Candidates interested in remote work are encouraged to apply.
Purpose and Scope:
As the Global Lead, Information Security Strategy and Architecture , you will play a crucial role in protecting and enhancing the security of Astellas' data, information, and digital assets globally. This leadership position is responsible for defining and implementing a comprehensive security strategy and architecture that safeguards our organization against evolving cyber threats. Your expertise and vision will be instrumental in establishing and leading security initiatives, ensuring that our systems and infrastructure maintain the highest levels of protection.
Essential Job Responsibilities:
A Strategy & Roadmap: Develop and execute a strategic security roadmap that aligns with Astellas' overall corporate strategic priorities (CSPs). Identify and prioritize security initiatives to enhance our security posture effectively.
Cyber Framework (e.g., NIST CSF): Implement and manage a robust cyber framework, such as the NIST Cybersecurity Framework, to guide security activities, risk assessments, and security improvements across the organization.
Periodic Maturity Assessments and Benchmarking: Conduct regular maturity assessments of our security controls and processes. Benchmark against industry standards to identify areas for improvement and drive continuous enhancements .
Innovation / Emerging Technology: Stay at the forefront of emerging security technologies and innovative solutions. Evaluate their potential benefits and risks and lead the integration of next-generation security tools to strengthen our security posture.
Security Architecture and Secure Code Reviews: Oversee the design, review, and enhancement of security architecture for systems, applications, and infrastructure. Conduct thorough secure code reviews to ensure secure coding practices throughout the software development lifecycle.
Resilience (Business Continuity and Disaster Recovery): Oversee the development and maintenance of comprehensive business continuity and disaster recovery plans. Collaborate with relevant teams to ensure resilience and quick recovery from potential security incidents and disruptions.
Transformation Programs: Drive security transformation initiatives to promote a proactive security culture within the organization. Champion security awareness and training programs to educate employees on security best practices.
Security Consulting (SLC Engagement and RX+ Security): Lead an expert security consulting service that provides guidance to various stakeholders, including project teams and business units. Engage in the Secure Development Lifecycle (SLC) and support RX+ security initiatives to identify and mitigate security risks in products and services.
Establish a long-term vision and strategy for security engineering, aligning it with the organization's overall security objectives.
Proactively address changes in technology advancements and security threats to continuously enhance security engineering practices.
Maintain current and in-depth knowledge of security engineering best practices and emerging technologies.
Possess proven and effective program management skills.
Utilize exceptional communication, facilitation, and consensus-building skills to gain support for security engineering initiatives.
Develop and foster ongoing relationships with stakeholders throughout Astellas to effectively manage and drive security engineering improvements.
Attract and retain talent, ensuring staff development (leadership, technical, strategic perspective), and promoting diversity.
Develop talent by actively coaching, managing, and mentoring employees.
Responsible for operating within the IP budget, and any applicable project specific budgets.
This position plays a crucial role in shaping Astellas' security landscape, ensuring the confidentiality, integrity, and availability of our information systems and data. Reporting directly to key leadership, you will have a significant impact on protecting our critical assets and data against cyber threats.
If you are a visionary leader with a passion for information security and architecture and thrive on building strong defenses against cyber threats, we encourage you to apply. Join us in our mission to improve patients' lives through innovative therapies and a commitment to ethics and integrity. Together, we can build a secure and resilient future for Astellas and the patients we serve.
Bachelor's or master’s degree in Computer Science, Information Security, or a related field.
Proven experience (typically 10+ years) in Information Security, with at least 5 years in a leadership or managerial role.
In-depth knowledge of security frameworks, standards, and best practices (e.g., ISO 27001, NIST Cybersecurity Framework).
Demonstrated experience in security strategy development and security architecture design.
Familiarity with cloud security, network security, endpoint security, and encryption technologies.
Strong understanding of risk management methodologies and incident response protocols.
Excellent leadership and communication skills, with the ability to effectively collaborate with stakeholders at all levels of the organization.
Advanced degree (Masters; Ph.D.) in Information Security, Computer Science, or a related field.
Relevant certifications such as CISSP, CISM, CRISC, or similar.
Medical, Dental and Vision Insurance
Generous Paid Time Off options, including Vacation, Sick time, plus national holidays including Heritage Days, and Summer and Winter Breaks
401(k) match and annual company contribution
Company paid life insurance
Annual Corporate Bonus and Quarterly Sales Incentive for eligible positions
Long Term Incentive Plan for eligible positions
Referral bonus program
Astellas is committed to equality of opportunity in all aspects of employment. EOE including Disability/Protected Veterans.
Category Ethics & Compliance
Astellas is committed to equality of opportunity in all aspects of employment.
EOE including Disability/Protected Veterans
- Astellas Pharma Jobs