Identity & Security Engineering Lead
About Astellas:
At Astellas, experience is coupled energised with a relentless challenger spirit.
Our global vision for Patient Centricity is to support the development of innovative health solutions through a deep understanding of the patient experience. At Astellas, Patient Centricity isn’t a buzzword - it’s a guiding principle for action. We believe all staff have a role to play in creating a patient-centric culture and integrating an awareness of the patient into our everyday working practices, regardless of our role, team or division.
We are unusual in our ability to combine the experience, expertise and resources of an established company with the agility, flexibility and tenacity of a start-up. Relentless curiosity and a hunger for discovery flows throughout our entire organisation.
We harness the latest technology and insights from big data with our research expertise to create powerful solutions that could transform the way doctors and nurses treat and care for their patients. We are accelerating product development, driving operational efficiencies and gaining a better understanding of the needs of patients and their healthcare providers.
We partner and collaborate with academic research institutes and biotechnology companies who share our passion for bringing breakthrough discoveries to patients.
The Opportunity:
As Identity & Security Engineering Lead you will be responsible for defining strategy, leading teams, and ensuring operational excellence across our Microsoft identity management platforms while also overseeing broader security engineering domains including cloud security, OT security, application security, and infrastructure security.
A critical focus area will be advancing our Multi-Factor Authentication (MFA), Conditional Access, and Privileged Access Management (PAM) capabilities to enable secure, seamless user experiences. Beyond identity, you will drive security engineering excellence across cloud, OT, and enterprise platforms.
Hybrid Working:
At Astellas we recognise the importance of balancing your work and home life. This role offers a remote working solution so you can optimise the most productive work environment for you to succeed and deliver.
Responsibilities:
- Define and execute the enterprise vision for Microsoft Identity platforms (Active Directory, Azure AD / Entra ID, M365 Identity Services, MFA, Conditional Access, PAM).
- Lead strategy and delivery across broader security engineering domains including cloud security, OT security, and infrastructure/application security
- Automate identity lifecycle management (provisioning, de-provisioning, access reviews, PAM)
- Serve as a trusted partner across infrastructure, applications, OT, business stakeholders, and senior executives
- Lead and mentor a global team of internal and external resources, ensuring alignment and accountability across multiple regions and time zones
- Essential Knowledge & Experience:
- Experience in information security and/or infrastructure engineering, including leadership roles
- Proven experience managing global teams (internal staff and vendor/partner resources)
- Proven record of driving enterprise-wide MFA adoption and improving identity resilience
- Excellent communication, influencing, and cross-functional collaboration skillsPreferred Experience:
- Certifications such as CISSP, CISM, Microsoft SC-300 (Identity & Access Administrator), or Azure Solutions Architect are a plus
Education:
- Bachelor’s degree required; Master’s degree preferred in Information Security, Computer Science, or equivalent.
Additional information:
- Type of role: This is a permanent role.
- Location: UK.
- This role follows a hybrid working model, blending home-based work with a minimum of 1 day per quarter in the office (to be confirmed based on primary location and business need). Flexibility may be required in line with business needs.
We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.
Beware of recruitment scams impersonating Astellas recruiters or representatives. Authentic communication will only originate from an official Astellas LinkedIn profile or a verified company email address. If you encounter a fake profile or anything suspicious, report it promptly to LinkedIn's support team through LinkedIn Help.
#LI-London
#LI-Hybrid
#LI-CC1