Are you ready to lead cyber defence operations that protect breakthrough science and accelerate impact for patients? Do you want to turn strategy into measurable improvements in detection and response across a global enterprise?

Based in Macclesfield, UK, this role sits at the heart of our digital transformation. You will build the operating model for cyber defence and threat intelligence, orchestrating change across SOC workflows, SIEM uplift, CTI integration, and SOAR adoption. Your work will harden the resilience of our technology estate, reduce risk, and enable teams across the business to operate with confidence.

You will be responsible for the programme strategy and roadmap and lead a high-performing delivery team to scale solutions that matter—from improving detection fidelity and response efficacy to embedding dashboards that illuminate coverage, maturity, and value. With strong backing and investment, you will have the platform to drive outcomes at pace and influence decisions at the highest levels.

Accountabilities

• Operating Model and Transformation Delivery: Orchestrate process, technology, and organisational change across cyber defence and threat intelligence to ensure adoption, operational readiness, and measurable improvements in detection and response.
• Programme Strategy and Roadmap Ownership: Translate cyber defence objectives into a prioritised, value-led roadmap with clear scope, milestones, benefits, and funding; maintain alignment through disciplined stage gates and change control.
• Execution Governance and Excellence: Establish and run governance (RAID management, steering forums, reporting, financials), drive decision-making, remove blockers, and deliver outcomes on time, within budget, and to agreed benefits.
• Team Leadership and Development: Lead the delivery team, set objectives and ways of working, ensure capacity and velocity across workstreams, and elevate quality through coaching, performance management, and recruitment.
• Stakeholder Leadership and Communication: Engage senior cyber, IT, and business leaders to shape requirements, secure buy-in, handle expectations, and communicate progress and risk clearly to executive and technical audiences.
• Supplier and Transition Management: Coordinate external suppliers and internal partners, drive operational readiness, and oversee controlled service transition into steady-state operations.
• Domain Expertise: Demonstrate breadth across multiple security domains with deep expertise in at least two (e.g., detection engineering, forensics, incident response, threat hunting, threat intelligence, malware analysis) to inform design and decision-making.
• Metrics and Dashboards: Build and evolve dashboards for coverage, fidelity, and operational metrics (e.g., false positive rate, detection adoption, response efficacy) that guide prioritisation and demonstrate value.

Essential Skills/Experience

• Cyber operations: General understanding of operational cybersecurity: SOC workflows, SIEM, SOAR, Vulnerability Management, Cyber Threat Intelligence.
• Programme governance & delivery: Proven experience leading complex cyber/IT programmes, managing scope, schedule, budget, and benefits. Proficiency with enterprise PPM frameworks (e.g., stage gates, RAID, benefits realization) and financial stewardship.
• Leadership & talent development: Leading team capacity, goal setting, coaching, performance management, and recruitment.
• Strategic planning & prioritization: Building value-led roadmaps, managing dependencies, and aligning to business strategy.
• Change & adoption: Methods to drive organizational change, training, and readiness within global matrix environments.
• Risk & compliance: IT risk management, control assurance, and delivery in regulated settings; alignment to security policies and standards.
• Supplier management: Managing MSPs/third parties for cyber delivery and operations.
• Communication & influence: Executive-level communication, stakeholder engagement, and conflict resolution.
• Risk, issue & change control: Systematic identification and remediation; disciplined change management and governance.

Education: Degree in information security, computer science, or related field, or equivalent practical experience.

Certifications: PMP/PRINCE2/MSP; CISSP/CISM/CCSP or equivalent.

Desirable Skills/Experience

• Global matrix experience operating across regions and time zones.
• Financial optimization, including benefits tracking and cost management for measurable value.
• Practical experience applying Agile, Lean, or Six Sigma in programme execution.
• Tooling familiarity across EDR, networking, web access, OT, IAM, and cloud security services to inform programme decisions.
• Resilience integration with business continuity, disaster recovery, and crisis exercises.
• Data-driven performance management with critical metrics and dashboards for coverage, fidelity, maturity, and value realization.

Why AstraZeneca

Here, technology and science meet with real momentum. You will work with ground breaking platforms—cloud, data, AI—and collaborate with diverse experts to unlock new ways of protecting the enterprise that powers life-changing medicines. We bring unexpected teams into the same room to unleash bold thinking and scale solutions that matter. With strong investment, a spirit of experimentation, and a culture that values kindness alongside ambition, you will shape how cyber defence enables our mission and grow your impact across the business.

Date Posted

20-Jan-2026

Closing Date

21-Jan-2026

Our mission is to build an inclusive and equitable environment. We want people to feel they belong at AstraZeneca and Alexion, starting with our recruitment process. We welcome and consider applications from all qualified candidates, regardless of characteristics. We offer reasonable adjustments/accommodations to help all candidates to perform at their best. If you have a need for any adjustments/accommodations, please complete the section in the application form.