*associate director - cyber security strategy*
*chennai (india) / guadalajara (mexico)*
*bs. V4*
*about the enterprise technology services team*
the enterprise technology services (ets) team is accountable for all infrastructure, security, it operations and all end user services and technologies. This group will ensure that our it services are seamless and secure, and that technology is delivered in an efficient, effective, and agile way, with a strong focus on experience. It’s a dynamic and challenging environment to work in - but that’s why we like it. There are countless opportunities to learn and grow, whether that’s exploring new technologies in hackathons, or transforming the roles and work of colleagues, forever. This is your chance to be part of a team that has the backing to innovate, disrupt an industry and change lives.
*job role*
the associate director cyber security strategy will be responsible for maintaining the strategic direction of cyber security including the annual medium term planning and prioritisation.
The role is accountable for defining, documenting and socialising the cyber security strategy and accompanying documents and slides. The strategy is critical to support the direction of cyber security and to prioritise initiatives as we continue to protect astrazeneca from external threats and develop new capabilities.
The role is also required to work closely with internal cross functional teams, suppliers, vendors, industry peers and related industry partners.
*key responsibilities*
- gather requirements and initiatives across cyber security, it and business technology groups that would define the direction and initiatives for cyber security
- develop and maintain the strategy and supporting documentation with measures of success and timelines on delivery
- define the governance process for strategy review, updates, approvals and prioritization of initiatives and tasks
- own and deliver on the cyber security medium term plan process
- map and create mappings of external threats, risks to strategic actions
- cross functional alignment and collaboration to ensure security requirements and initatives are captured and fed into the strategy
- coaches team for high performance, creating a supportive working environment where everyone has the opportunity to fulfil their potential
- proactively develop the strategy from lessons learnt and feedback sessions across it and cyber security
- ability to identify priorities and critical strategic actions and be able to position these to senior leaders with benefit and value to be delivered
- work with the cyber security leadership team to understand functional tower requirements and ensure alignment across strategic initiatives
*essential experience*
- extensive experience working in a complex, multinational, corporate environment
- proven experience leading and developing a strategy within a complex environment
- a high level of it knowledge, ideally with experience around cyber security
- a deep understanding of various security technologies and processes
- a relevant technical degree, competence or equivalent (cissp, cism, ccsp) and competence to lead various security initiatives
- excellent problem solving and troubleshooting skills, autonomous working, direction and goal setting
- strong written and verbal communication skills along with the proven ability to present complex, technical information to both technical and non-technical audiences
- be valued and respected for collaboration, integrity and enablement
- ability to analyze complex situations, assessing risks and balancing strategic and tactical security requirements with business pragmatism, risk appetite and innovation
- ability to prioritize, re-schedule and adapt to changes in a dynamic environment
- excellent business acumen with sensitivity to environment
- experience working in a global organization where stakeholders and team members are geographically dispersed.
*key relationships*
- it operational teams
- az business risk / security teams
- procurement
- finance
- internal audit teams
- it & global compliance teams
*so, what next?