Senior Engineer - Cloud & Data Security

AstraZeneca is a global, science-led biopharmaceutical business whose innovative medicines are used by hundreds of millions of patients worldwide. Our IT strategy is focused on Smarter, Faster, and Leaner and we are looking for a Cybersecurity Engineer to play an active part in helping make this strategy a reality.

Cybersecurity is key to our IT strategy, as we move towards our objectives we are looking for Individuals who:

• Focus on innovation to maintain a sustainable risk position against the evolving threat landscape.
• Understand that we could be working against organized crime syndicates or state-sponsored attackers.
• Understand attackers’ motivations and their ways of working.

In this role you will operate within AstraZeneca’s global cybersecurity organization. You will collaborate and influence multiple functions across a global organization spanning China, India, Mexico, Sweden, US, and UK.

Accountabilities (You will …)

• Engineer cybersecurity solutions spanning cloud, on-premises, and third-party collaboration environments, with a predominant focus on cloud and data.
• Collaborate with other teams in performing, assessing, and evolving IT processes that intersect any of our cybersecurity priorities.
• Map governance and compliance frameworks and their controls to technical implementation, shifting hardening processes as far left as possible.
• Leverage understanding of threats, weaknesses, and vulnerabilities around cloud and data to assist other areas in responding promptly and effectively to contain breaches or to address areas of concern.

Desired Skills (You can …)

• Identify and articulate architectural trade-offs.
• Embed process, governance and security into workflow and technology.
• Design and implement software tools and services using modern programming languages.
• Manage and lead projects delivering prioritized initiatives at challenging deadlines.
• Exert positive influence in a matrixed organization to drive technology evolution.
• Drive efforts to achieve process and technology improvement at scale.

Qualifications (You have …)

• Must have broad enterprise IT experience with significant cloud and data exposure.
• Must have in-depth understanding of security and networking protocols, cryptography, and modern authentication and authorization protocols.
• Must have experience designing, deploying, and operating secure networks, systems, application and security architectures at scale.
• Must have experience configuring and managing cloud security services in an AWS organization at scale.
• Must have experience researching, designing, and implementing security policies, standards, and procedures, including those in cybersecurity frameworks such as MITRE ATT&CK, NIST CSF, NIST SP.800- 53, and NIST SP.800-61, as well as implementing cloud security reference architectures.
• Should have experience working in a software development and systems administration organization, implementing DevSecOps and process automation.
• Should have the ability to conduct post-mortem on security incidents and take post-mortem data to drive uplift in policies, procedures, standards.

📌Strong English communication skills required.

📌 Positions are open to Mexican Citizens and official residents of Mexico.
📍 Location: Guadalajara (hybrid - Expectation of working in the office 3 days a week)