About Astellas:
At Astellas we are a progressive health partner, delivering value and outcomes where needed.
We pursue innovative science, focussing initially on the areas of greatest potential and then developing solutions where patient need is high, often in rare or under-served disease areas and in life-threatening or life-limiting diseases and conditions.
We work directly with patients, doctors and health care professionals on the front line to ensure patient and clinical needs are guiding our development activities at every stage.
Our global vision for Patient Centricity is to support the development of innovative health solutions through a deep understanding of the patient experience. At Astellas, Patient Centricity isn’t a buzzword - it’s a guiding principle for action. We believe all staff have a role to play in creating a patient-centric culture and integrating an awareness of the patient into our everyday working practices, regardless of our role, team or division.
We work closely with regulatory authorities and payers to find new ways to ensure access to new therapies. We deliver the latest insights and real-world evidence to inform the best decisions for patients and their caregivers, to ensure the medicines we develop continue to provide meaningful outcomes.
Beyond medicines, we support our stakeholder communities to drive initiatives that improve awareness, education, access and ultimately standards of care.
The Opportunity:
As the Information Security Training & Awareness Lead, you will be a critical part of our Information Security Pod, responsible for building and leading a comprehensive security training and awareness program.
You will be responsible for creating and promoting a security-aware culture that positively changes behaviours across our organization and strategic partners, ensuring that we are all equipped to recognize and respond to security threats effectively.
Hybrid Working:
At Astellas we recognise the importance of balancing your work and home life, so we offer a hybrid working solution allowing time to connect with colleagues in person at the office alongside the flexibility to work from home; optimising the most productive work environment for you to succeed and deliver.
Key Activities for this role:
- Develop and implement a comprehensive information security training and awareness strategy aligned with organizational goals and regulatory requirements.
- Design and deliver engaging training programs, workshops, and materials to educate employees on information security policies, procedures, and best practices.
- Create and maintain a library of training resources, including e-learning modules, videos, and documentation.
- Implement all-Astellas and targeted phishing campaigns, ensuring strategies to remediate risks from repeat clickers, Very Attacked People and Very Important People are effectively implemented.
- Support end user adoption of new Information Security related systems, processes and controls which strengthen how we govern, identify, protect, detect, respond and recover from Information Security risks and threats.
- Monitor industry trends and emerging threats to ensure training content remains relevant and up-to-date and define and measure the effectiveness of training and awareness initiatives in changing behaviours to protect VALUE for patients.
Essential Knowledge & Experience:
- Proven experience in information security training and awareness, preferably in a leadership role.
- Strong understanding of information security principles, practices, and regulations (e.g., GDPR, HIPAA, PCI-DSS).
- Excellent communication and presentation skills, with the ability to convey complex information in an understandable manner.
- Experience with e-learning platforms and training development tools is a plus.
- Strong organizational skills and attention to detail.
- Ability to work collaboratively with cross-functional teams and influence stakeholders at all levels.
Preferred Qualification:
- Relevant certifications (e.g., CISSP, CISM, CISA, Security+) are desirable.
- Experience in developing and managing training programs in a corporate environment.
- Familiarity with risk management and incident response processes.
Education/Qualifications:
- Bachelor’s degree in Information Security, Cybersecurity, Computer Science, or a related field, or equivalent.
Additional information:
- This is a permanent role based in Poland.
- Role requires a blend of home and a minimum of 1 day per quarter in our Poland office. Flexibility may be required in line with business needs. Candidates must be located within a commutable distance of the office
We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
#LI-Warsaw
#LI-Hybrid
#LI-EN1