About Astellas
Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. We provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health. Through our research and development programs, we are pioneering new healthcare solutions for diseases with high unmet medical need.

Purpose and Scope
As an Incident Response Specialist, you will play a critical role in safeguarding Astellas' information systems and data by leading and coordinating the response to cyber security incidents across the enterprise. This position has arisen as part of Astellas' strategy to mature its insourced security operations and establish a best-in-industry incident response capability that operates effectively across a diverse and evolving technology landscape.
The successful candidate will work in a tool-agnostic manner across multiple security platforms and environments, ensuring consistent, efficient, and high-quality response to security incidents. You will collaborate closely with the Security Operations Center (SOC), infrastructure teams, and other Value Teams to contain threats, minimize business impact, and continuously improve response processes and resilience across the organization.

Essential Job Duties
- Lead and coordinate end-to-end incident response activities using an industry-recognized framework (e.g., NIST, SANS), from detection through containment, eradication, and recovery.
- Act as the primary escalation point for complex or high-severity security incidents.
- Ensure consistent and effective response across multiple tools, platforms, and environments (cloud, on-prem, endpoints, OT where applicable).

Investigation And Forensics
- Conduct detailed technical investigations, including log analysis, endpoint forensics, and network analysis to determine root cause and scope of incidents.
- Preserve and manage forensic evidence in line with legal and regulatory requirements.
- Produce clear and structured post-incident reports, including root cause analysis and recommendations.

Tool-Agnostic Operations
- Operate across a wide range of security tooling (SIEM, EDR, SOAR, cloud security platforms) without reliance on a single vendor ecosystem.
- Correlate data from multiple sources to build a comprehensive view of incidents.

Process Improvement And Playbooks
- Develop, maintain, and optimize incident response playbooks and runbooks.
- Identify gaps in detection and response capabilities and work with engineering and SOC teams to improve coverage.

Collaboration And Communication
- Work closely with SOC analysts, threat hunters, and threat intelligence teams to enhance detection and response outcomes.
- Provide clear and timely communication to stakeholders, including senior leadership, during incident situations.

Exercises And Readiness
- Support and lead incident response simulations, tabletop exercises, and purple team activities.
- Contribute to building organizational readiness and resilience against cyber threats.

Required Qualifications
- Bachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field.
- Proven experience in a cybersecurity role, preferably within a SOC/SIEM/SOAR environment.
- Experience in using Microsoft Sentinel & Defender / CrowdStrike EDR / Wizz Cloud Security.
- Strong knowledge of security frameworks, threat modelling, and incident response methodologies.

Preferred
- Security certification is an advantage.
- Demonstrate knowledge of change management principles.
- Relevant certifications (CISSP, CEH, CompTIA Security+) are preferred.
- Excellent analytical and problem-solving skills.
- Strong communication skills and the ability to work collaboratively in a small team environment.
- International/global experience is an advantage.
- Experience with SIEM/Cloud security tools and automation technologies.
- Familiarity with anti-malware solutions and endpoint detection strategies.
- Proficiency in scripting languages for automation (Python, PowerShell) is an advantage.
- Experience in digital forensics (log analysis and technical root cause assessment).
- Awareness of infrastructure and network security features like firewall rules, event IDs, logging/detection, and managing assets in manufacturing/OT environments.

Location and Working Environment
This position is remote and is based in Canada. Astellas recognizes the importance of work/life balance and offers a hybrid working solution with flexibility to work from home.

Benefits
- Medical, Dental and Vision Insurance
- Generous Paid Time Off options, including Vacation, Sick time and national holidays
- Registered Retirement Savings Plan Program (RRSP)
- Company-paid life insurance
- Annual Corporate Bonus and Quarterly Sales Incentive for eligible positions
- Long Term Incentive Plan for eligible positions
- Wellness programs

Salary Range
$80,920 - $115,600 CAD annually (Canada only). Final compensation will be determined based on proficiency levels and organization equity considerations.

Astellas Pharma Canada welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the hiring process. Astellas is committed to equality of opportunity in all aspects of employment. EOE including Disability/Protected Veterans.

Job Title
Incident Response Specialist