The IT Security Organization is responsible for establishing and maintaining corporate wide information security to ensure that AstraZeneca s information assets are adequately protected in relation to confidentiality, integrity and availability.
The security of information and systems presents one of the biggest risks and opportunities for all large organizations today. Internal and external attacks are becoming more complex whilst the balance of enabling business objectives in a cost effective.
As the Information Security Officer (ISO), is a deputy CISO role responsible for partnering with Astra Zeneca s Global Head of IT Security (CISO) in maintaining a corporate-wide, cybersecurity organization. Collaborating with the CISO, the ISO will work with all areas of AstraZeneca s Japanese based business to develop and articulate a shared vision for a premier global information security program.
Your responsibilities will include strategy, architecture, solutions design, program coordination and execution, awareness, outreach, business management and reporting on information security program effectiveness. This position requires a credible leader with strong business insight and a detailed working knowledge of information security technologies, practices, policies, and their application to a global business.
You should be comfortable interacting with the most senior levels of IT and as peer-advisor to AstraZeneca s business leaders will help direct the security program as a business enabler.
You should be a leader with vision and an integrator of people, processes and technology.
01. Drive Global IT Security and Risk Governance within AP Region.
02. Provide consultancy to business on Global Security policies and requirements.
03. Escalate Regional challenges, discrepancies, gaps and risk in implementing Global Polices.
04. Implement Global IT Security, Risk & Compliance strategy, policies, standards and procedures to ensure compliance with required legislation and regulation.
05. Provide proactive consulting on new systems and technology as part of IT Security program.
06. Manage and monitor the local security environment.
07. Develop strong collaborative relationships within IT and with business customers to understand long-term business strategies and prepare appropriate IT security solutions.
08. Run Cyber Security Governance sessions with senior IT management to provide security guidance and drive awareness and knowledge of IT Security policies and requirements.
09. Coordinate Security rollout across the Business/Region to preserve the Confidentiality, Integrity and Availability of AZ information.
10. Prioritize Security & Recovery efforts via a Risk-Based approach, work with IT and business partners to facilitate such activities.
11. Select and implementing security controls to mitigate information risks.
12. Oversee information security incidents in the AP Region
13. Perform Application/Third Party/Cloud risk assessments and partner the businesses to deliver resolutions and mitigations.
Skills & Experience
5-6 years experience leading global information security programs and applying information security practices.
Minimum of 4-5 years practical experience designing and implementing enterprise information technology security; demonstrates industry leading security innovation skills and an eye towards understanding the threat environment from a preventative posture.
Proven experience interfacing with senior executives at business leader level and communicating complex cyber security concepts in business-relevant ways.
Strong demonstrated knowledge of enterprise systems, cloud solutions and IT/security technologies.
Excellent written and verbal communications skills with experience presenting to executives and leadership teams with the ability to communicate security and risk-related concepts to technical and non-technical audiences.
Very strong business analysis skills, problem solving techniques, and follow-up.
English Business Level
Japanese Business Level
Nice to have
Experience working with global teams based in Europe, Asia & the Americas
Experience in budget control
CISSP, CRISC, CISM certifications
ISO/IEC 27001, NIST, etc.
Knowledge of cloud (SOC reports, etc.)
Data management (GDPR, Legal Hold, etc.)
Willing and able to roll up sleeves and lead from the front. A self-starter with a can-do attitude. A driver and implementer who possesses the poise and ability to act calmly and competently in high-pressure, high-stress situations.
Bachelor s degree in a relevant discipline is strongly preferred; Master s degree in Business Administration, Information Science, Information Assurance or Policy & Risk Analysis is also a strong plus
Launch your career - Upload your resume now!Upload your resume
Loading some great jobs for you...