Cybersecurity Director – IAM Capability Leader

Leverage technology to impact patients and save lives.

Do you have expertise in, and passion for IAM and cyber security? Would you like to apply your expertise to impact the IAM capabilities in a company that follows science and turns ideas into life changing medicines? If so, AstraZeneca might be the one for you!

About Astra Zeneca

AstraZeneca is a global, science-led, patient-focused biopharmaceutical company that focuses on the discovery, development, and commercialization of prescription medicines for some of the world’s most serious diseases. But we are more than one of the world’s leading pharmaceutical companies. At AstraZeneca, we are dedicated to being a Great Place to Work.

About our Team

It is a dynamic and performance-based environment to work in – but that is why we like it. There are countless opportunities to learn and grow, whether that’s exploring new technologies in hackathons, or redefining the roles and work of colleagues, forever. Craft your own path, with support all the way. A diverse set of minds that work cross-functionally and broadly together.

Introduction to role

Identity and Access Management are among the most critical aspects of any modern cyber security program. Threat actors increasingly leverage identity-based attacks for intrusion and lateral movement, and this trend will only accelerate as AI-based attack techniques are adopted by cyber-criminals.

We are seeking a strategic and purposeful IAM Capability Leader to lead the development and delivery of our enterprise IAM capabilities. This role will be responsible for defining the strategic vision, capability roadmaps, and execution plans across all key IAM domains—including workforce, consumer and machine identity, authentication and authorization platforms and access governance, identity threat management, and IAM-related policies and standards.

As a key member of our security leadership team, you will lead a team of IAM capability owners and collaborate closely with our IAM operations team, ensuring seamless alignment between strategy, delivery, and day-to-day operations.

The ideal candidate will have a solid background in Active Directory, cloud authentication and authorization flows, privileged access management, identity federation, and a demonstrable record of building secure and scalable IAM programs in a fast-paced, innovation-driven environment. This role requires both technical expertise and leadership skills to influence technology and product owners and leaders across the enterprise and promote a secure by design culture.

Key Responsibilities

• Lead IAM Capability Strategy:

• Define and lead the strategy and capability roadmap for core IAM focus areas:

• Authentication and Federation

• Access Management

• Privileged Access Management (PAM)

• Identity Governance and Administration (IGA)

• Identity Threat Detection & Response

• IAM Policies, Standards, and Lifecycle Management

• Development & Execution:

• Define multiyear IAM capability roadmaps aligned with business and security goals.

• Lead the delivery of IAM capabilities through cross-functional teams and initiatives.

• Lead project timelines, resources, and team member communication.

• Team Leadership:

• Lead and mentor a distributed team of IAM capability owners and domain experts.

• Cultivate a collaborative culture of innovation, accountability, and continuous improvement.

• Collaboration & Stakeholder Engagement:

• Partner with the IAM operations team responsible for tickets, configuration, and BAU activities

• Work closely with infrastructure, cloud, HR, legal, compliance, and application teams to ensure IAM integration across systems.

• Communicate effectively with senior leadership on IAM progress, risks, and performance.

• Governance, Compliance & Risk Management:

• Establish IAM policies, standards, and procedures aligned with regulatory and compliance requirements.

• Supervise IAM capability maturity and lead continuous improvement efforts.

• Ensure alignment with relevant regulatory requirements and industry standard methodologies related to product security (e.g., GDPR, SOC2, SOX).

• Contribute to security risk assessments and audits.

Essential Skills/Experience:

• Bachelor’s degree in computer science, Information Security, or a related field (or equivalent experience).

• 8+ years of experience in cyber security, with at least 3 years in a leadership role focusing on identity and access management.

• Deep knowledge across the IAM landscape including authentication protocols (OAuth2, SAML, etc.), IGA tools, PAM solutions, and identity-centric threat management.

• Experience in defining and delivering strategic roadmaps for IAM capabilities.

• Expertise in cloud platform capabilities, including modern authentication protocols, credential vaulting, cloud user roles and least privilege approach.

• Solid understanding of Identity Governance tools and capabilities (e.g., Sailpoint, Saviynt), joiner/mover/leaver processes and identity proofing.

• Experience with credential vaulting and rotation tools and capabilities (e.g., CyberArk, Thycotic)

• Expertise in Active Directory security monitoring and configuration in a large enterprise

• Solid understanding of common identity security threats (e.g., credential harvesting, credential encryption strengths), attack vectors, and mitigation strategies.

• Strong problem-solving and analytical skills with the ability to translate technical concepts to business leaders and non-technical team members.

• Good interpersonal skills, both written and verbal, with the ability to clearly convey complex security topics to a wide audience.

• Minimum of 3 years of experience in a large global organization with 50K+ employees

Desirable Skills/Experience

• Master’s degree or equivalent experience in information security, Computer Science, or a related field.

• Industry certifications such as CISSP, CISM, or CEH.

• Familiarity with cloud security and DevSecOps practices.

• Experience with IAM-related compliance frameworks (SOX, GDPR, HIPAA, etc.)

• Knowledge of industry standards and regulations (e.g., ISO 27001, NIST, SOC2).

The annual base pay for this position ranges from 162,540 - 243,800 USD Annual (80% - 120%). Hourly and salaried non-exempt employees will also be paid overtime pay when working qualifying overtime hours. Base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. In addition, our positions offer a short-term incentive bonus opportunity; eligibility to participate in our equity-based long-term incentive program (salaried roles), to receive a retirement contribution (hourly roles), and commission payment eligibility (sales roles). Benefits offered included a qualified retirement program [401(k) plan]; paid vacation and holidays; paid leaves; and, health benefits including medical, prescription drug, dental, and vision coverage in accordance with the terms and conditions of the applicable plans. Additional details of participation in these benefit plans will be provided if an employee receives an offer of employment. If hired, employee will be in an “at-will position” and the Company reserves the right to modify base pay (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors.

When we put unexpected teams in the same room, we spark bold thinking with the power to inspire life-changing medicines. In-person working gives us the platform we need to connect, work at pace and challenge perceptions. That's why we work, on average, a minimum of three days per week from the office. But that doesn't mean we're not flexible. We balance the expectation of being in the office while respecting individual flexibility. Join us in our outstanding and ambitious world.

Join a team with the backing and investment to win! You'll be working with innovative technology. This marriage between our purposeful work and the use of high-tech platforms is what sets us apart. Own the way in digital healthcare. From exploring data and AI to working in the cloud on new technologies. Join a team at the forefront. Help shape and define the technologies of the future with the backing you need from across the business.

Ready to make an impact? Apply now!