Cyber Security Controls Development and Assurance Manager
Location
Chennai | India
Job description
AstraZeneca (AZ) are a global, science-led biopharmaceutical business whose innovative medicines are used by hundreds of millions of patients worldwide. Our IT 2025 strategy is focused on Smarter, Faster, Leaner and Better and we're looking for a Cyber Security Controls Development and Assurance Manager to play an active part in helping make this strategy a reality.
AZ's IT capability is world-class. As an IT capability, we:
- Believe in Lifelong Learning
- Endeavour to be a great place to work
- Actively encourage a 'Speak Up' culture
- Lead the way in Sustainable IT & Social Impact
- Are actively working towards becoming a digital organisation.
We're looking for an IT security professional that can help us on the journey through this challenging and ever-changing technology landscape. We need an individual who:
- Understands that security is a journey and not a destination. Cyber Security is not something that can be 'fixed', and we instead need to focus on innovation to maintain sustainable risk position against the evolving threat landscape
- Understands that we can't just buy our way out of a Cyber Security problem. Technology may win the battle, but it won't win the war
- Understands that Cyber Security is not just dealing with individual hackers. We are potentially working against state-sponsored attacks and multi-billion $ organised crime syndicates
- Understands attackers, their motivations and their ways of working to be able to get ahead and keep ahead of them.
As part of this world-class capability, we need a
Cyber Security Controls Development and Assurance Manager to become a fundamental part of the AZ Cyber Security Compliance team to ensure that AZ's information assets are adequately protected in relation to confidentiality, integrity and availability.
Specifically, the role will:
- Drive the implementation and adoption of cyber security compliance monitoring, and any associated process improvement activities inside and outside of cyber
- Develop, manage and ensure the success of assurance projects that the Cyber Governance, Risk and Compliance team are going to implement in 2024 and beyond.
The role is required to work closely with internal teams across all lines of business and the wider enterprise, developing and maintaining cyber compliance mechanisms, identifying new security assurance opportunities and communicating clearly and effectively with AZ's global customers and suppliers to work collaboratively with other IT functions and AZ business areas.
We need a confident, self-assured individual, able to set and drive their own agenda, who will not be phased to seek the sponsorship of senior IT management to ensure that agreed cyber security improvements are realised.
Essential Education, Qualifications, and Experience - Three+ years of working within cyber security, ideally in a 'front-office' role, interacting with key stakeholders
- Excellent knowledge of security standards such as NIST 800-53, ISO27001 & NIST CSF
- A relevant degree and/or recognized professional certifications such as CRISC, CISM, CISSP etc
- Experience of security assurance and risk management, in complex, multinational, corporate environments
- Proven track record of working with senior stakeholders to deliver positive outcomes in the security posture
- A good awareness of IT architecture, design, configuration, and implementation.
Desirable - Experience of working in other IT disciplines and across a range of industries and sectors
- Basic, working knowledge of SOx & GxP compliance.
Skills And Capabilities - Recognising opportunities for organisational improvement and demonstrable personal history of being a key player in driving that change through via collaboration, drive and diligence
- Proven track record in discussing process improvement requirements with senior management
- Demonstrable, personal ability to analyse complex situations, assessing risks and balancing strategic and tactical security requirements
- Ability to work well in diverse, multinational teams and proven ability to influence others to achieve positive outcomes
- Willing to learn and able to manage ambiguity and operate effectively with little supervision
- Outstanding communication skills and capable of generating excellent documentation which requires minimal rework
- Self-starter with high levels of drive, energy, resilience and a desire for professional excellence
- Skilled in cyber security with the ability to understand the range of controls within typical security frameworks (NIST CSF, ISO27001).
Why AstraZeneca At AstraZeneca when we see an opportunity for change, we seize it and make it happen, because any opportunity no matter how small, can be the start of something big. Delivering life-changing medicines is about being entrepreneurial - finding those moments and recognising their potential. Join us on our journey of building a new kind of organisation to reset expectations of what a bio-pharmaceutical company can be. This means we're opening new ways to work, pioneering cutting edge methods and bringing unexpected teams together. Interested Come and join our journey. So, what's next! Are you already imagining yourself joining our team Good, because we can't wait to hear from you. Where can I find out more Our Social Media, Follow AstraZeneca on LinkedIn
Follow AstraZeneca on Facebook
Follow AstraZeneca on Instagram
If you have site, country or departmental social media then feel free to switch any of the above links
AstraZeneca is an equal opportunity employer. AstraZeneca will consider all qualified applicants for employment without discrimination on grounds of disability, sex or sexual orientation, pregnancy or maternity leave status, race or national or ethnic origin, age, religion or belief, gender identity or re-assignment, marital or civil partnership status, protected veteran status (if applicable) or any other characteristic protected by law.
Job tags
Salary
