Director/Sr. Director, Identity & Security Engineering

Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians.  If you want to be part of this exciting work, you belong at Astellas!

Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com.

Purpose & Scope:                        

We are seeking an experienced leader to serve as the Identity & Security Engineering Lead. This role will be responsible for defining strategy, leading teams, and ensuring operational excellence across our Microsoft identity management platforms while also overseeing broader security engineering domains including cloud security, OT security, application security, and infrastructure security.

A critical focus area will be advancing our Multi-Factor Authentication (MFA), Conditional Access, and Privileged Access Management (PAM) capabilities to enable secure, seamless user experiences. Beyond identity, this leader will drive security engineering excellence across cloud, OT, and enterprise platforms.

This role will be accountable for global delivery through a hybrid workforce model, managing both internal engineering teams and external service providers/partners across multiple regions and time zones. Operating within an agile delivery model, the Identity & Security Engineering Lead will ensure identity and security engineering capabilities are delivered with speed, adaptability, and business alignment.

The role may be based in the United States, Canada, United Kingdom, Poland, Mexico, India, or Japan, with global responsibilities across all regions.

Responsibilities and Accountabilities:

Strategic Leadership

·         Define and execute the enterprise vision for Microsoft Identity platforms (Active Directory, Azure AD / Entra ID, M365 Identity Services, MFA, Conditional Access, PAM).

·         Lead strategy and delivery across broader security engineering domains including cloud security, OT security, and infrastructure/application security.

·         Drive a global MFA-first strategy, embedding Zero Trust principles across the enterprise.

·         Ensure identity and security engineering programs support digital transformation, cloud adoption, and regulatory compliance.

Operational Excellence

·         Ensure global reliability and performance of MFA and Conditional Access policies.

·         Automate identity lifecycle management (provisioning, de-provisioning, access reviews, PAM).

·         Deliver security engineering solutions for cloud platforms (Azure, AWS, GCP) and OT/critical infrastructure environments.

·         Apply agile delivery methodologies to accelerate delivery, manage backlogs, and adapt quickly to evolving requirements.

·         Manage service delivery performance across both internal teams and external vendor partners.

·         Risk, Compliance & Governance

·         Partner with GRC to ensure identity and security engineering controls meet NIST CSF, ISO 27001, SOX, HIPAA, EU AI Act, and other regulatory frameworks.

·         Lead audit and compliance programs across identity, cloud, and OT security domains.

·         Anticipate and mitigate emerging risks by adapting MFA and security engineering strategies.

Collaboration & Influence

·         Serve as a trusted partner across infrastructure, applications, OT, business stakeholders, and senior executives.

·         Position MFA, identity, and security engineering as key enablers of business productivity and compliance.

·         Represent the function in enterprise-wide programs including global network refresh, cloud adoption, OT modernization, and M&A integrations.

·         People & Talent Leadership

·         Lead and mentor a global team of internal and external resources, ensuring alignment and accountability across multiple regions and time zones.

·         Foster agile, cross-functional teams that collaborate across infrastructure, applications, and business domains.

·         Manage vendor partnerships and enforce accountability for quality, SLAs, and innovation.

·         Develop succession plans, training paths, and career opportunities in Microsoft identity, MFA, and advanced security engineering.

·         Promote a culture of inclusion, agility, innovation, and continuous improvement.

Qualifications Required:

• 12+ years of progressive experience in information security and/or infrastructure engineering, with 5+ years in senior leadership.
• Proven experience managing global teams (internal staff and vendor/partner resources).
• Deep expertise in Microsoft identity and authentication platforms, including:
  • Active Directory (on-prem & hybrid)
  • Azure AD / Entra ID
  • Microsoft 365 Identity Services
  • Multi-Factor Authentication (MFA) & Conditional Access
  • Privileged Access Management (PAM)
• Strong background in security engineering domains:
  • Cloud Security (Azure, AWS, GCP)
  • OT Security
  • Application & Infrastructure Security
• Demonstrated success delivering in an agile operating model.
• Proven record of driving enterprise-wide MFA adoption and improving identity resilience.
• Experience in pharmaceuticals, healthcare, or other highly regulated industries preferred.
• Strong communication skills and executive presence; able to influence at C-suite and board levels.
• Bachelor’s degree required; Master’s degree preferred in Information Security, Computer Science, or related field.
• Certifications such as CISSP, CISM, Microsoft SC-300 (Identity & Access Administrator), or Azure Solutions Architect are a plus.

Working Environment:

• May be based in: US, Canada, UK, Poland, Mexico, India, or Japan.
• Global travel may be required. At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.

Salary Range: $197,400 - $310,200 (Final compensation will be determined based on a variety of factors, including but not limited to skills, experience and organizational equity considerations)

Benefits:

• Medical, Dental and Vision Insurance
• Generous Paid Time Off options, including Vacation and Sick time, plus national holidays including year-end shut down
• 401(k) match and annual company contribution
• Company paid life insurance
• Annual Corporate Bonus and Quarterly Sales Incentive for eligible positions
• Long Term Incentive Plan for eligible positions
• Company fleet vehicle for eligible positions
• Referral bonus program

#LI-DM