Principal Chapter Lead, Risk and Compliance

Astellas


Date: 19 hours ago
City: Markham, ON
Contract type: Full time

Astellas Pharma Inc. is a pharmaceutical company conducting business in more than 70 countries around the world. We are committed to turning innovative science into medical solutions that bring value and hope to patients and their families. Keeping our focus on addressing unmet medical needs and conducting our business with ethics and integrity enables us to improve the health of people throughout the world. For more information on Astellas, please visit our website at www.astellas.com.

This position is based in Northbrook, Illinois. Hybrid work from certain states may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines. Candidates interested in hybrid work are encouraged to apply.

Purpose:

This global role will play a crucial part in overseeing and enhancing the governance, risk management, and compliance of Astellas' security practices.

Essential Job Responsibilities:

    Develop and coach a high-performing global team in various disciplines within DigitalX including Information Security, PODs and Value Teams.

    Product Security and Infrastructure Risk and Compliance

    Develop and continuously evolve a strong governance, risk, and compliance framework for Astellas' security practices

    Partner closely with Legal and Ethics & Compliance to ensure adherence to relevant laws and regulatory requirements

    Establish and lead a comprehensive risk management program to identify, assess, mitigate and monitor security risks across the organization

    Revamp and lead the Third-Party Risk Management program, ensuring that security risks associated with third-party relationships are identified and managed effectively

    Establish a comprehensive data security strategy that aligns with the overarching objectives of the information security program

    Lead the development and implementation of an AI governance strategy, ensuring effective operationalization of AI technologies across the organization

    Ensure infrastructure platforms are secure, reliable and capable of supporting Astellas

    Serve as the primary liaison for all DigitalX audit activities, internal assessments, and regulatory engagements, ensuring collaborative communication and coordination among all involved.

    Monitor and report on all DigitalX audits, ensuring timely remediation of identified issues and transparent communication to relevant stakeholders

    Revamp DigitalX policies, standards, and procedure documentation to eliminate redundancies, streamline processes and reduce the amount of training time required

    Establish an internal assessment program to evaluate Astellas’ cybersecurity maturity, continuously benchmarking against peers and industry standards

    Ensure that all contracts incorporate appropriate security language to safeguard sensitive information and establish clear responsibilities for data protection and compliance.

    Oversee security initiatives in China, ensuring compliance with China-specific regulations and fostering a strong security culture within the region

    Own all DigitalX LMS training to ensure the development, delivery, and continuous improvement of DigitalX training

Qualifications Required:

    Bachelor's degree

    10+ years of IT and/or security experience in data security, information security or a related field

    At least 10 years of experience in information security, risk management, or a related field, with a minimum of 5 years in a leadership or managerial role

    In-depth knowledge of security assurance, risk management frameworks, and regulatory compliance requirements, including NIS2, SEC, and China-specific cybersecurity regulations.

    Proven experience in implementing and managing security assurance and risk management programs in a global organization

    Strong understanding of cybersecurity risk assessment methodologies and industry best practices

    Excellent knowledge of cybersecurity frameworks, such as NIST CSF, ISO 27001, or similar.

    Demonstrated ability to effectively interface with internal and external stakeholders, including auditors and regulators.

    Experience in managing security-related vendor contracts and agreements.

    Strong leadership and team management skills, with a focus on talent development and performance management.

    Excellent communication and presentation skills, both written and verbal.

Working Environment:

    At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.

Category TechX

Astellas is committed to equality of opportunity in all aspects of employment.

EOE including Disability/Protected Veterans
