Lead Consultant - Security Tooling

Job Title: Lead Consultant - Security Tooling

GCL:E

Introduction to role:

Are you ready to coordinate security systems that protect the science behind life‑changing medicines? In this role, you will own and elevate the platforms and services that keep our global environment resilient—from endpoints and networks to identity, cloud and SaaS—so our researchers and colleagues can move faster with confidence.

You will set the direction for security tooling spanning various territories and environments, translating strategy into measurable outcomes: stronger detection, faster response, and scalable protection without friction. Do you want to shape standards that raise our security posture while unlocking speed for a data‑driven, AI‑empowered business?

Collaborate closely with engineering, operations, threat intelligence, incident response, and senior leaders. Turn insights into action, modernize our suite of tools, and improve how we monitor, investigate, and defend at scale.

Accountabilities:

Security Tooling Service Leadership: Lead security infrastructure for SIEM, EDR, data protection, identity, cloud, network, and analytics platforms across the organization; own performance, reliability, resilience, and alignment with standards to deliver measurable security outcomes.

Coordinate platform health, availability, scalability, and supportability. Drive sophisticated issue resolution, modernization, and lifecycle management to meet SLAs and improve threat identification and reaction times.

Enterprise Standards and Process Design: Design and optimize enterprise security tooling standards, service models, and operating practices that simplify delivery and raise consistency across regions and platforms.

Service Management and Operational Leadership: Own incident, problem, change, release, and service review processes for tooling; increase maturity and operational rigor while aligning to governance and business needs.

Monitoring and Analytics Enablement: Enhance telemetry pipelines and analytics quality—ingestion, normalization, parsing, enrichment, alerting, and validation—to improve visibility, detection effectiveness, and operational value.

Protection Tooling Enablement: Optimize endpoint and protection technologies through effective policy, coverage, and integration to deliver scalable, resilient prevention and response.

Governance, Risk, and Compliance: Operate tooling in line with policies, controls, and audit expectations; identify material risks and control gaps and drive remediation to closure.

Continuous Improvement and Transformation: Lead automation, service enhancements, and operating model improvements; introduce sophisticated frameworks and innovative solutions with training and support to accelerate adoption.

Project and Initiative Delivery: Lead complex initiatives including onboarding, integrations, migrations, upgrades, and transformations; align to enterprise priorities, quality, and timelines.

Collaborator Engagement and Strategic Influence: Communicate performance, risks, and capability gaps; influence priorities and investment decisions to advance enterprise cyber objectives.

Technical Oversight and Supplier Management: Provide hands‑on technical guidance to engineers and operators; lead vendor and run service delivery to improve quality and supportability.

External Partnerships and Innovation: Establish relationships with vendors and peers to identify emerging solutions and practices that strengthen our tooling estate.

Specialist Expertise and Leadership: Serve as a go‑to guide for difficult technical challenges; mentor teams and chip in to standards, guidelines, and enablement materials.

AI‑Enabled Cyber Security Support: Apply and evaluate artificial intelligence and data-driven algorithms for automation, anomaly detection, enrichment, investigation support, workflow optimization, and content tuning with appropriate governance.

Essential Skills/Experience:

Typically, this role requires demonstrated ability in digital security technologies and processes. It involves significant experience leading the development and management of security tools engineering, operations, or service delivery in large enterprises. Experience working in a global, regulated organization with geographically dispersed and multicultural teams is meaningful.

Strategy and Framework Expertise: Demonstrated expertise in developing, implementing, and optimizing cyber security strategies, frameworks, standards, and operating models within the security tooling domain.

Tooling Expertise: Practical experience operating and being responsible for multiple enterprise security platforms, including a combination of SIEM, EDR, storage and data protection tooling, security analytics platforms, endpoint security tooling, logging and telemetry pipelines, cloud security tools, identity-related security tooling, network security technologies, or related cyber security platforms. Experience supporting migrations, platform transformations, telemetry modernization, or large-scale tooling integrations is expected.

Operational Capability: Good experience in platform configuration, fixing issues, telemetry onboarding, connector or agent management, policy tuning, integration support, upgrade coordination, performance optimization, and service reliability at scale.

Service Ownership: Demonstrable experience owning or leading security tooling services, including driving service performance, stability, lifecycle management, and delivery against enterprise service expectations and SLAs.

AI Approach and Automation: An AI-first approach is encouraged, including comfort with applying, evaluating, or supporting AI and machine learning concepts in cyber security tooling use cases. Experience using scripting and automation, such as PowerShell, Python, or similar, to improve operational efficiency, service quality, scalability, and platform supportability is required.

Cyber Security Risk and Analysis: Substantial experience with security risk identification and assessment across enterprise technologies, with good understanding of telemetry analysis, log review, operational issue investigation, threat actors, attack vectors, and support for detection and response activities across tooling platforms.

Governance and Compliance Awareness: Experience operating security tooling in regulated and compliance-aware environments, including security data governance, access controls, retention, auditability, and application of policies, standards, procedures, and guidelines.

Experience collaborating with business collaborators to identify, document, and prioritize cyber security requirements. The role also involves maintaining relationships and communications with third-party suppliers, vendors, and service partners across complex, global, and matrixed environments.

Execution and Prioritization: Demonstrable ability to manage challenging priorities, lead delivery across multiple platforms or initiatives, define realistic plans, and deliver secure, stable, and scalable outcomes.

Communication and Influence: Good communication, engagement, and collaboration skills, with the ability to influence technical teams, service partners, and leadership collaborators to achieve enterprise outcomes.

Leadership and Mentoring: Experience providing technical leadership, mentoring engineers and analysts, and guiding teams in tooling practices, service operations, issue resolution, and adoption of new capabilities.

Adaptability: Ability to lead through change and adapt to evolving hybrid, cloud-native, and vendor-based security ecosystems.

Education: Bachelor’s degree or equivalent experience in information security, computer science, engineering, or a related field.

Desirable Skills/Experience:

Framework Knowledge: Knowledge of recognized security and compliance frameworks such as NIST CSF, ISO 27001, CIS Controls, and regulated control environments such as SOX, GxP, or equivalent.

Supplier and Assurance Exposure: Experience supporting vendor-managed tooling, handled detection services, audit activities, control reviews, service reviews, or compliance assessments.

Commercial and Service Awareness: Experience chipping in to cost-effective, sustainable, and supportable technology operations, including awareness of licence usage, support overhead, operational efficiency, and service value.

Certifications: Relevant security certifications applicable to the tooling or platform domain are desirable. Why AstraZeneca:

Join a technology community where security, data, and science converge to accelerate how new medicines reach patients. You will work in a modern, cloud‑forward environment with investment to scale, collaborating across disciplines—think security engineers, data authorities, and product teams in the same room unlocking bold ideas. We combine ambition with support, pairing high standards with coaching, feedback, and continuous learning so you can stretch your skills on real‑world challenges. Your work will directly safeguard research, protect operations, and enable colleagues worldwide, all while exploring AI, automation, and sophisticated analytics to raise our defenses and our speed.

Call to Action:

Lead at global scale and safeguard the science that saves lives—bring your expertise to build our security tooling estate and amplify your impact today.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

Date Posted

02-Jul-2026

Closing Date

06-Jul-2026

AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.