Global Lead, Information Security Assurance and Risk Management
Astellas

Job Info

---

Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong at Astellas!

Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com.

This position is based in Northbrook, Illinois. Remote work from certain states may be permitted in accordance with Astellas' Responsible Flexibility Guidelines. Candidates interested in remote work are encouraged to apply.

Purpose and Scope:

As the Global Lead, Information Security Assurance and Risk Management, you will play a critical role in ensuring the governance, risk, and compliance of Astellas' security practices. This leadership position is responsible for developing and implementing a robust risk management framework that addresses regulatory requirements and supports the secure management of our global assets. You will act as a key interface for audit, internal audit, regulators, and other stakeholders. This role will also lead efforts to manage secure assets, including security contractual language, and play a key role in China-specific security initiatives.

Essential Job Responsibilities:

• Governance, Risk, and Compliance: Develop and maintain a strong governance, risk, and compliance framework for Astellas' security practices. Ensure adherence to relevant regulatory requirements, such as NIS2, SEC, and China-specific regulations.
• Risk Management/Risk Framework: Establish and lead a comprehensive risk management framework to identify, assess, and mitigate security risks across the organization.
• Information Security Officer (Business and Regional): Serve as the Information Security Officer, acting as a liaison between business and regional functions, audit, internal audit, regulators, and other relevant stakeholders.
• China Interface: Play a key role in overseeing security initiatives in China, ensuring compliance with China-specific regulations and fostering a strong security culture within the region.
• Interface for Audit, Internal Audit, Regulators, etc.: Act as the main point of contact for audit activities, internal audit assessments, and regulatory engagements, providing accurate and timely information related to security assurance and risk management.
• Secure Asset Management: Develop and implement strategies for the secure management of Astellas' assets, including data, information, and infrastructure.
• TPLM (Third-Party Risk Management): Lead the Third-Party Risk Management program, ensuring that security risks associated with third-party relationships are identified and managed effectively.
• Security Contractual Language: Develop and oversee the implementation of security contractual language in agreements with external vendors and partners.

Leadership:

• Establish a long-term vision and strategy for security engineering, aligning it with the organization's overall security objectives.
• Proactively address changes in technology advancements and security threats to continuously enhance security engineering practices.
• Maintain current and in-depth knowledge of security engineering best practices and emerging technologies.
• Possess proven and effective program management skills.
• Utilize exceptional communication, facilitation, and consensus-building skills to gain support for security engineering initiatives.
• Develop and foster ongoing relationships with stakeholders throughout Astellas to effectively manage and drive security engineering improvements.

Talent Management:

• Attract and retain talent, ensuring staff development (leadership, technical, strategic perspective), and promoting diversity.
• Develop talent by actively coaching, managing, and mentoring employees.

Quantitative Dimensions:

Geographic scope of role is Global with integration with various divisions across Astellas.

• May manage up to +/- 5 direct report employees.
• May manage up to 20+ external strategic partner resources, depending on portfolio of work
• Responsible for operating budgets of +/- 1-2M and project budgets of +/- 1-5M

Organizational Context:

This position plays a crucial role in shaping Astellas' security landscape, ensuring the confidentiality, integrity, and availability of our information systems and data. Reporting directly to key leadership, you will have a significant impact on protecting our critical assets and data against cyber threats.

If you are a visionary leader with a passion for information security and architecture and thrive on building strong defenses against cyber threats, we encourage you to apply. Join us in our mission to improve patients' lives through innovative therapies and a commitment to ethics and integrity. Together, we can build a secure and resilient future for Astellas and the patients we serve.

This job has expired.