Cyber Security Vulnerability Management Lead Consultant

**Cyber Security Vulnerability Management Lead Consultant**

**Location: Guadalajara**

**Strong English communication skills required.**

***Must Submit Resume in English**

**Positions are open to Mexican Citizens and official residents of Mexico.**

**About the AstraZeneca**

AstraZeneca is a global, innovation-driven biopharmaceutical business that focuses on the discovery, development, and commercialization of prescription medicines for some of the world's most serious diseases. But we're more than one of the world's leading pharmaceutical companies.

At AstraZeneca, we're proud to have a unique workplace culture that inspires innovation and collaboration. Here, employees are empowered to express diverse perspectives - and are made to feel valued, energized and rewarded for their ideas and creativity.

At AstraZeneca we:

- Believe in lifelong learning.
- Endeavor to be a great place to work.
- Encourage a “speak up” culture.
- Lead the way in sustainable IT & social impact.
- Actively work towards becoming a digital organization.

**About the team**

The Enterprise Technology Services (ETS) team is accountable for all Infrastructure, Security, IT Operations and all End User Services and technologies. This group will ensure that our IT Services are seamless and secure, and that technology is delivered in an efficient, effective, and agile way, with a strong focus on experience. It’s a dynamic and challenging environment to work in - but that’s why we like it. There are countless opportunities to learn and grow, whether that’s exploring new technologies in hackathons, or transforming the roles and work of colleagues, forever. This is your chance to be part of a team that has the backing to innovate, disrupt an industry and change lives.

**About The role**

The cyber security manager will lead a team of security specialists and analysts, maintaining corporate wide information Security to ensure that AstraZeneca’s information assets are adequately protected in relation to confidentiality, integrity and availability. The role is accountable for the delivery of services in accordance with Service Level Agreements, business requirements and customer experience expectations and meeting required quality and compliance to standards. The role is also required to work closely with work collaboratively with other IT functions, AZ business areas and suppliers.

Cyber security manager may also be an individual contributor, working in a security specialty supporting the wider security function.

We are looking for Individuals who:

- Understand that security is a journey and not a destination. Cyber Security is not something that can be “fixed”, and we instead need to focus on innovation to maintain sustainable risk position against the evolving threat landscape.
- Understand that we can’t just buy our way out of a Cyber Security problem. Technology may win the battle, but it won’t win the war.
- Understand that Cyber Security is not just dealing with individual hackers. We are potentially working against state-sponsored attacks and multi-billion-dollar organized crime syndicates.
- Understand attackers, their motivations, and their ways of working to be able to get ahead and keep ahead of them.

**The Cyber Security Vulnerability Management Lead Consultant will be accountable for**:

- Define and implement strategies to increase scanning coverage
- Drive remediation or closure of the vulnerabilities with remediation teams.
- Improve and automate existing vulnerability management lifecycle. Including but not limited to, data ingestion & normalization, compliance metrics and detections on assets.
- Lead impact assessments to define prioritization and proper monitoring coverage.
- Develop automation, orchestration, and scripting to reduce manual processes, improving overall efficiency while also enabling new capabilities to meet our rapidly changing needs.
- Develop relationships with IT teams to resolve aging critical vulnerabilities on assets.
- Analyze requirements to develop and manage program metrics and performance through reporting and active engagement with stakeholders for continuous service improvement.
- Review new vulnerabilities published from multiple sources and identify those that may pose risk.
- Clear understanding on vulnerabilities and what it requires to remediate.
- Able to provide remediation solutions for the vulnerabilities based on the unique vulnerability categorization. Support teams to understand what is required to remediate vulnerabilities.
- Provide technical expertise in providing compensating controls for exception vulnerabilities.

**Requirements**:
**Essential**
- Experience of vulnerability management methodologies and tools
- Extensive experience working in Security, in a complex, multinational, corporate environment.
- Strong knowledge of vulnerability management - Triage, Prioritize, Remediate, and security threat modelling.
- Strong collaboration skills
- Critical thinking
- Ex