General information

Job posting
Incident Response Specialist
Location
Poland, United Kingdom
Function/Business Area
Information Technology
Employment category
Permanent employment contract

Job description

Incident Response Specialist - UK

About Astellas

Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. We provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health. Through our research and development programs, we are pioneering new healthcare solutions for diseases with high unmet medical need. Learn more at Astellas.com.

Are you driven to make a real difference in the lives of patients?

We're seeking passionate individuals who thrive in dynamic environments, embrace new ideas, and aren't afraid to take intelligent risks. People who act with unwavering integrity and are deeply committed to making a tangible impact.

Location and Working Environment

This is a permanent role which is based in the UK (Addlestone) - hybrid working with the expectation to be in office once per quarter.
25% travel required throughout the year

Astellas’ Responsible Flexibility Guidelines Statement: At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.

Purpose & Scope

As an Incident Response Specialist, you will play a critical role in safeguarding Astellas’ information systems and data by leading and coordinating the response to cyber security incidents across the enterprise. This position has arisen as part of Astellas’ strategy to mature its insourced security operations and establish a ‘best in industry’ incident response capability that operates effectively across a diverse and evolving technology landscape.

The successful candidate will work in a tool-agnostic manner across multiple security platforms and environments, ensuring consistent, efficient, and high-quality response to security incidents. You will collaborate closely with the Security Operations Center (SOC), infrastructure teams, and other Value Teams to contain threats, minimize business impact, and continuously improve response processes and resilience across the organization.

Role and Responsibilities

Incident Response Leadership:

• Lead and coordinate end-to-end incident response activities using an industry-recognized framework (e.g., NIST, SANS), from detection through containment, eradication, and recovery.
• Act as the primary escalation point for complex or high-severity security incidents.
• Ensure consistent and effective response across multiple tools, platforms, and environments (cloud, on-prem, endpoints, OT where applicable).

Investigation and Forensics:

• Conduct detailed technical investigations, including log analysis, endpoint forensics, and network analysis to determine root cause and scope of incidents.
• Preserve and manage forensic evidence in line with legal and regulatory requirements.
• Produce clear and structured post-incident reports, including root cause analysis and recommendations.

Tool-Agnostic Operations:

• Operate across a wide range of security tooling (SIEM, EDR, SOAR, cloud security platforms) without reliance on a single vendor ecosystem.
• Correlate data from multiple sources to build a comprehensive view of incidents.

Process Improvement and Playbooks:

• Develop, maintain, and optimize incident response playbooks and runbooks.
• Identify gaps in detection and response capabilities and work with engineering and SOC teams to improve coverage.

Collaboration and Communication:

• Work closely with SOC analysts, threat hunters, and threat intelligence teams to enhance detection and response outcomes.
• Provide clear and timely communication to stakeholders, including senior leadership, during incident situations.

Exercises and Readiness:

• Support and lead incident response simulations, tabletop exercises, and purple team activities.
• Contribute to building organizational readiness and resilience against cyber threats.

Required Qualifications

• Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
• Security certification is an advantage.
• Relevant certifications (e.g., Certified Information Systems Security Professional CISSP, Certified Ethical Hacker CEH or CompTIA Security+, etc.).
• Proven experience in a cybersecurity role, preferably within a SOC/SIEM/SOAR environment.
• Strong knowledge of security frameworks, threat modelling, and incident response methodologies.

Preferred Qualifications

• Demonstrate knowledge of change management principles.
• Excellent analytical and problem-solving skills.
• Experience in using Microsoft Sentinel & Defender / CrowdStrike EDR / Wiz Cloud Security.
• Strong communication skills and the ability to work collaboratively in a small team environment where we share capacity and effort.
• International/global experience is an advantage.
• Experience with SIEM/Cloud security tools and automation technologies.
• Familiarity with anti-malware solutions and endpoint detection strategies.
• Proficiency in scripting languages for automation (e.g., Python, PowerShell) is an advantage.
• Experience in digital forensics (log analysis and technical root cause assessment).
• Awareness of infrastructure and network security features like firewall rules, event IDs, logging/detection, and managing assets in manufacturing / OT environments.

What awaits you at Astellas?

• Global collaboration: Become part of a connected global business of like-minded life science leaders, all dedicated to improving patients' lives worldwide.
• Real-world patient impact: Contribute to transformative therapies that reach patients around the world, knowing your work makes a difference every day.
• Relentless Innovation: Join a company at the forefront of scientific breakthroughs, where you'll have the opportunity to shape the future of healthcare.
• A Culture of Growth: Chart your own course within a supportive environment that values your contributions, champions your development, and empowers you to pursue your passions.

Our Organizational Values and Behaviors

• Impact
• Innovation
• Integrity
• One Astellas
• Accountability
• Courage
• Sense of Urgency
• Outcome Focus

Benefits



We are an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.

Beware of recruitment scams impersonating Astellas recruiters or representatives. Authentic communication will only originate from an official Astellas LinkedIn profile or a verified company email address. If you encounter a fake profile or anything suspicious, report it promptly to LinkedIn's support team through LinkedIn Help.
