Vice President, Head of Information Security
Astellas

Do you want to be part of an inclusive team that works to develop innovative therapies for patients? Every day, we are driven to develop and deliver innovative and effective new medicines to patients and physicians. If you want to be part of this exciting work, you belong at Astellas!

Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com.

This position is based in Northbrook, Illinois. Hybrid work from certain states may be permitted in accordance with Astellas' Responsible Flexibility Guidelines. Candidates interested in hybrid work are encouraged to apply.

Purpose and Scope:

• Global Head of Information Security is a new role and function to protect and enhance the security of Astellas' data, information and other digital assets globally in alignment with Astellas' business goals. This role offers the exciting opportunity for a strong senior strategic leader to build a new function that combines information security and cybersecurity within Astellas. The new Information Security function is being established as part of Astellas Ethics & Compliance (E&C) Division (which includes Global Privacy) in order to leverage the E&C network and its expertise in cross-functional program implementation, monitoring, governance and privacy, to accelerate establishment of a robust and holistic program to govern, operate and monitor information security risks across the organization. This is why the role will report to the Global Head of Ethics & Compliance.
• Information Security reporting outside of Information Systems (IS), will support independence in planning, budgeting and operating security resources and enable IS to more fully focus on technology innovation. It will be critical for the new Information Security function to closely collaborate with IS, Privacy and other relevant functions and Divisions.
• The role is accountable for ensuring the confidentiality, integrity, and availability of all organizational information systems, data and products and maintaining related Information Security (which includes cybersecurity) governance strategies consistent with business objectives for Astellas. This role is also responsible for directing and overseeing the development and implementation of Information Security programs, assessing and/or monitoring the effectiveness of Information Security capabilities and related programs to reduce overall risk exposure.
• Being based in either the US, UK or Tokyo, this role must work effectively across Astellas to understand business risks unique to each division and address the related Information Security risk implications in a manner that is in accordance with Astellas culture, financial constraints and resources.

Essential Job Responsibilities:

• Direct and maintain information security risk governance frameworks, policies, standards and practices throughout Astellas divisions worldwide.
• Lead & Direct information security 3rd party vendors and monitor for performance to SLA's
• Identify, select and implement relevant data, product and physical security controls in accordance with industry standards, as well as maintain compliance with regulatory requirements associated with those controls.
• Provide oversight to the maintenance and improvement of information security practices.
• Oversee the information security control in products to ensure the integrity of Astellas products.
• Direct the initiation of proactive information security assessments, recommend corrective measures, and provide oversight of corrective actions.
• Identify information security needs and risks to establish operational plans that align with the organization's vision, mission and objectives, and support long-term security growth and sustainability.
• Develop communication, awareness, and education strategies for informing and training employees on cybersecurity initiatives.
• Provide ongoing support for matters related to data, product and physical security risk and governance as necessary.
• Maintain strong and effective working relationships with Astellas divisions worldwide, particularly in the areas that impact information security.

Quantitative Dimensions:

The Global Head of Information Security is responsible for the oversight of all aspects involving information security (including cybersecurity) operations, including, but not limited to data, product and physical security.

Leadership

• Establish a long-term vision and strategy for information security governance and risk management and oversee the development of the near-term tactical implementation strategy.
• Proactively address changes in the threat and business environment through evolving governance and risk management strategies.
• Maintain current and in-depth knowledge of leading practices related to information security governance and risk management.
• Possess proven and effective program management skills.
• Considerable knowledge of business theory, business processes, management, budgeting, and business office operations.

Communication

• Possess excellent people management skills with the ability to influence key decision makers.
• Utilize exceptional communication, facilitation and consensus-building skills to create support for governance and risk management initiatives and strategies.
• Develop and foster ongoing relationships with critical stakeholders throughout Astellas divisions worldwide to effectively manage and instigate change through use of positive influence.
• Talent Management
• Attract and retain talent, ensures staff development (leadership, cross-functional, technical, global perspective), and promotes and fosters diversity.
• Develop talent by actively coaching, managing, and mentoring employees.

Organizational Context:

• The scope of this position is Astellas wide and considers the cybersecurity implications unique to all Astellas divisions when developing governance and risk management strategies. This role will have leadership responsibility, but the person selected for this role will need to help shape the organizational context. This position reports directly to the Global Head of Ethics & Compliance.

---