Associate Architect Cyber Security

Associate Architect – Cyber Security

Macclesfield/ Horizon Place - UK

Competitive salary & benefits

Closing Date: 27th March 2023

AstraZeneca is a global, science-led biopharmaceutical business whose innovative medicines are used by millions of patients worldwide. We are growing our focus on growth through innovation - being more patient-centric, doing more with technology, digital and data, and advancing more powerful science. Our key principals include:

• Accelerate innovative science – Advancing high-potential late-stage pipeline projects, pursuing the next wave of ground-breaking biology and accelerating efforts in ML & AI, Data Science and Digital Technology

• Deliver growth and therapy area leadership – Driving growth, impacting and improving the whole patient journey and collaborating with the funders of healthcare and third parties.

About the role:

We’re looking for IT security professionals that can help us on the journey through this meaningful and constantly evolving technology landscape. Individuals who:

• Understand that security is a journey and not a destination. Cyber security is not something that can be “fixed”, and we instead need to focus on innovation to maintain balanced risk position against the evolving threat landscape

• Understand that we can’t just buy our way out of a cyber security problem. Technology may win the battle, but it won’t win the war

• Understand that cyber security is not just looking after over-enthusiastic teenagers. We are potentially working against state-sponsored charges and multi-billion-dollar organized crime syndicates

• Understand attackers, their motivations, and their ways of working to be able to get ahead and keep ahead of them

Accountabilities

In this role of Security Specialist – Architect, you’ll operate within AstraZeneca’s Cyber Security and Innovation Services division to craft quality solutions and work with vendors on COTS applications to strengthen our security stance across the enterprise. You’ll need to collaborate with Business, Solution Delivery, Engineering, and Quality and Compliance functions across a global organisation spanning US, UK, Sweden, China, Japan, Poland, Mexico, India and beyond.

The core accountabilities for the role include:

• Architect cyber security solutions for the organisation spanning Cloud, Hybrid and on-premise as well as third-party teamwork environments.

• Define principles, policies, standards and governance covering Cloud, DevOps, Corporate network connectivity, tooling, ways of working, application security standards, static and dynamic code review, penetration testing (both automated and manual / exploratory), monitoring (including Security Information and Event Management [SIEM]), mapping governance and compliance frameworks and controls to technical implementation, shifting hardening processes as far left as possible, network traffic inspection (including IDS / IPS)

• Help defines the future state of cyber security within the organisation, conduct review and gap analysis between current state and future state including existing measures and controls, and then work to uplift to align to the future state vision.

• Define security strategies, self-service standards, and ways of working for users working across the cloud

• Work with existing security teams to implement and enforce strategies and policies across the enterprise

Crucial Qualifications:

• Must understand the OWASP methodology, process, and artefacts

• Must have been a Solution Architect for at least 3 years covering enterer prise and consultancy

• Able to influence and position strategies at multiple levels to both IT and business functions

• Have a solid grasp and proven capability in Cloud, Hybrid and On-Premise’s architecture

• Able to work across multiple teams spanning many geographic regions

• Security, compliance, and regulatory experience in a public cloud environment

• Ability to carry out evaluations, gap analysis and vendor assessments for security technologies and applications

• Excellent written and oral communication skills

• Ability to craft, build, test and implement cyber security solutions

• Ability to define principles, policies, standards, and governance

• Ability to map governance and compliance frameworks and controls to technical implementation

• Strong Cloud architecture and multiple proven ability

• Familiarity working in and across large geo-dispersed teams

• The ability to identify and detail security processes, techniques and governance into solutions

• Ability to prioritise and validate the threats that really matter

• Shifting security processes as far left as possible. Build standards that are a part of the solution – not an afterthought.

• Security roadmap and strategy development

Desirable

• Experience crafting secure networks, systems, and application architectures

• Knowledge of disaster recovery, computer forensic tools, technologies, and methods

• Knowledge of risk assessment tools, technologies, and methods

• Ability to conduct post-mortem on security incidents and/or take post-mortem data to drive uplift in policies, procedures, standards

• Experience in a system administration role supporting multiple platforms and applications

• Security, Cloud and/or DevOps certifications

• Experience working work closely with compliance and audit functions

• Development of application security standards,

• Ability to implement and conduct static and dynamic code review process

• Ability to implement and conduct penetration testing processes (both automated and manual / exploratory)

• Security incident and event supervising implementation (SIEM)

• Understanding of authentication technologies and approaches

WHY JOIN US?

We’re a network of ambitious self-starters who chip into something far bigger. There’s a diversity of expertise in our Technology group that’s outstanding to AstraZeneca – it allows us to investigate exploring new leading-edge technology. We enable AstraZeneca to perform at its peak by delivering outstanding technology and data solutions, unlocking the potential of science. We optimise and evolutionist AstraZeneca by improving efficiencies and finding new ways to drive productivity. From automation to data simplification.

A place to be open and clear – we speak up, think creatively, and share ideas. Our diverse contributions help us to make better decisions. But we have a constant strive to innovate, and an appreciation for high standards. It takes challenging the status quo to contribute in our ever-evolving environment. We love it here because put simply, we make a meaningful impact.

Technology at AstraZeneca is a home for purposeful dynamics!

SO, WHAT NEXT?

If reading the above has tickled your senses and you’re ready to join us, hit the apply button, and we look forward to reviewing your application soon.

Date Posted

Closing Date

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.