Executive Director Cybersecurity Engineering, Architecture, and Transformation

Role Summary

Executive Director Cybersecurity Engineering, Architecture, and Transformation leads a global team of directors, senior security engineers, managers, and specialists. Reports to the Chief Information Security Officer (CISO) as the CISO’s principal deputy for cybersecurity technology enablement, architecture, and AI-powered transformation. Drives future state capability via technology transformation, leads enterprise cybersecurity change strategy, oversees implementation plans, and prioritizes technology investments across cybersecurity functional areas. Focuses on controlled implementation of corporate-wide AI secured by information security to protect AI and information assets with confidentiality, integrity, and availability. Addresses manufacturing zero-trust, enterprise-scale generative AI and agentic AI controls maturity, and cybersecurity stack optimization.

Responsibilities

• Represents the CISO at designated Steering committees, architecture review boards, audits, regulator interactions and cybersecurity governance forums.
• Maintain awareness of AI controls and cybersecurity technology market developments; develop requirements and apply engineering trade analysis to select AI control and cybersecurity solutions compatible with IT and OT environments.
• Serve as the primary AI cybersecurity controls and cybersecurity subject matter expert within the IT architecture group; establish an AI security center of excellence with CISO support.
• Own cybersecurity solution blueprint processes and lifecycle; collaborate to define responsible AI governance and cybersecurity AI controls compliance; drive IT2030 Trust-by-Design outcomes.
• Lead assurance team efforts to assess IT and OT designs against Security Baseline Configurations, cybersecurity framework controls, and industry best practices; ensure capability to assess architecture artifacts and identify AI and cybersecurity risks.
• Provide AI, software development, and cybersecurity solution designs compliant with the AstraZeneca Security Policy Framework.
• Collaborate with cybersecurity threat intelligence and operations to threat model IT and OT architectures and solution designs; provide actionable risk reduction remediation actions.
• Collaborate to ensure annual penetration testing remediation capability; work across IT and OT organizations to drive risk burndown.
• Coordinate annual cybersecurity budget creation and prepare business cases; drive monthly budget performance review and forecasting.
• Lead the use of advanced models, reports, and forecasts to strengthen decision-making across the business and cybersecurity area.
• Organize and facilitate innovative cybersecurity solutions with stakeholder engagement and participation in governance and oversight boards.
• Coordinate and provide oversight for management and strategy of a technical security infrastructure for defense, detection, and response to sophisticated cyber threats.
• Support functions creating standard process risk dashboards and cybersecurity metrics.
• Participate as a member of the AstraZeneca cybersecurity leadership team.
• Maintain awareness of cyber threat vectors, attack methodologies, and mitigation/remediation methods.
• Develop/lead global cybersecurity steering groups with IT Business Technology Groups and other business units.
• Drive security control implementation and maturity into cloud environments, SaaS applications, manufacturing IoT/OT, and data protection initiatives; define policies and methods for improving cybersecurity and IT operational standards.
• Build and sustain high-impact relationships with infrastructure networks, regulatory bodies, business partners, and suppliers globally.
• Guide business continuity and disaster recovery planning and risk management activities in line with cybersecurity objectives.
• Manage P&L in partnership with finance to optimize short-term performance and long-term growth.
• Provide direction and oversight for continuous improvement/transformation and cost-saving initiatives within cybersecurity, including global projects.
• Be a strong leader and culture champion; drive talent management, development, engagement, and performance across sites and cybersecurity teams globally.
• Develop, communicate, and monitor cybersecurity performance objectives aligned with regional scorecards and global objectives.
• Source, attract, coach, and develop talent to ensure a healthy leadership pipeline and succession across cybersecurity teams and senior positions.
• Collaborate with the cybersecurity culture and awareness team to develop and deliver AI controls and cybersecurity information campaigns.
• Lead or participate in global cybersecurity steering groups with IT leadership and other business units.

Essential

Education, Qualifications, and Experience

• Embrace collaborative and cross-functional team ethos.
• Expert knowledge of AI controls and cybersecurity technology and its application.
• 15+ years of experience in global cybersecurity architecture and/or engineering, with 8+ years in a leadership role.
• Program budgeting, planning, and delivery.
• Expertise in creating and maintaining performance and operations metrics.
• Experience implementing and operating ISO, CIS, and NIST AI and cybersecurity frameworks.
• Significant knowledge of how engineering supports cybersecurity operations and incident response countermeasures.
• Deep understanding of information security technologies, cloud, application, data, and network architecture.
• Practical understanding of procurement processes and IT change management.
• Proven ability to manage competing priorities and work under pressure.
• Global perspective on privacy, security, and data protection issues and trends.
• Expert at reducing cyber risk in a large, global enterprise.
• Experience building and executing multi-year cybersecurity strategies; leading global cybersecurity transformational initiatives in complex environments.
• Experience and credibility to work with external industry stakeholders including vendors and regulatory authorities.

Desirable

• Extensive experience in multiple areas of cybersecurity/IT delivery in comparable industries (e.g., pharmaceutical).
• Advanced program management skills.
• IT service desk coordination experience.
• Penetration testing outputs translated into risk reduction and remediation projects.
• A relevant technical degree, competence, or equivalent.
• Current information security certifications (e.g., GIAC, CISSP, CISM, CISA).
• Experience across IT disciplines and industries.

Skills

• Excellent problem solving and troubleshooting skills; autonomous working, direction, and goal setting.
• Strong written and verbal communication; ability to present complex technical information to technical and non-technical audiences.
• Cross-cultural leadership ability.
• Collaborative, integrity-driven, and enabling leadership style.
• Experience working in a global organization with geographically dispersed stakeholders and teams.
• Experience working with Executive level stakeholders.

Additional Requirements

• None specified beyond position-related expectations.