Job Specifications
Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong at Astellas!
Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com .
Purpose & Scope
We are seeking an experienced leader to serve as the Identity & Security Engineering Lead. This role will be responsible for defining strategy, leading teams, and ensuring operational excellence across our Microsoft identity management platforms while also overseeing broader security engineering domains including cloud security, OT security, application security, and infrastructure security.
A critical focus area will be advancing our Multi-Factor Authentication (MFA), Conditional Access, and Privileged Access Management (PAM) capabilities to enable secure, seamless user experiences. Beyond identity, this leader will drive security engineering excellence across cloud, OT, and enterprise platforms.
This role will be accountable for global delivery through a hybrid workforce model, managing both internal engineering teams and external service providers/partners across multiple regions and time zones. Operating within an agile delivery model, the Identity & Security Engineering Lead will ensure identity and security engineering capabilities are delivered with speed, adaptability, and business alignment.
The role may be based in the United States, Canada, United Kingdom, Poland, Mexico, India, or Japan, with global responsibilities across all regions.
Responsibilities And Accountabilities
Strategic Leadership
Define and execute the enterprise vision for Microsoft Identity platforms (Active Directory, Azure AD / Entra ID, M365 Identity Services, MFA, Conditional Access, PAM).
Lead strategy and delivery across broader security engineering domains including cloud security, OT security, and infrastructure/application security.
Drive a global MFA-first strategy, embedding Zero Trust principles across the enterprise.
Ensure identity and security engineering programs support digital transformation, cloud adoption, and regulatory compliance.
Operational Excellence
Ensure global reliability and performance of MFA and Conditional Access policies.
Automate identity lifecycle management (provisioning, de-provisioning, access reviews, PAM).
Deliver security engineering solutions for cloud platforms (Azure, AWS, GCP) and OT/critical infrastructure environments.
Apply agile delivery methodologies to accelerate delivery, manage backlogs, and adapt quickly to evolving requirements.
Manage service delivery performance across both internal teams and external vendor partners.
Risk, Compliance & Governance
Partner with GRC to ensure identity and security engineering controls meet NIST CSF, ISO 27001, SOX, HIPAA, EU AI Act, and other regulatory frameworks.
Lead audit and compliance programs across identity, cloud, and OT security domains.
Anticipate and mitigate emerging risks by adapting MFA and security engineering strategies.
Collaboration & Influence
Serve as a trusted partner across infrastructure, applications, OT, business stakeholders, and senior executives.
Position MFA, identity, and security engineering as key enablers of business productivity and compliance.
Represent the function in enterprise-wide programs including global network refresh, cloud adoption, OT modernization, and M&A integrations.
People & Talent Leadership
Lead and mentor a global team of internal and external resources, ensuring alignment and accountability across multiple regions and time zones.
Foster agile, cross-functional teams that collaborate across infrastructure, applications, and business domains.
Manage vendor partnerships and enforce accountability for quality, SLAs, and innovation.
Develop succession plans, training paths, and career opportunities in Microsoft identity, MFA, and advanced security engineering.
Promote a culture of inclusion, agility, innovation, and continuous improvement.
Qualifications Required
12+ years of progressive experience in information security and/or infrastructure engineering, with 5+ years in senior leadership.
Proven experience managing global teams (internal staff and vendor/partner resources).
Deep expertise in Microsoft identity and authentication platforms, including:
Active Directory (on-prem & hybrid)
Azure AD / Entra ID
Microsoft 365 Identity Services
Multi-Factor Authentication (MFA) & Conditional Access
Pri