Cyber Security Operations Engineer

AstraZeneca operates in over 100 countries and its innovative medicines are used by millions of patients worldwide.

Location: Macclesfield, UK

Competitive Benefits & Salary

Closing date: 13th Feb 2024

AstraZeneca is looking for a Cyber Security Incident Response engineer to provide incident response and associated cybersecurity operations services. The Cyber Security Incident Response engineer provides incident handling, response, monitoring, engineering, and process management support across AstraZeneca’s broad portfolio of cyber operations services. The position requires both a deep technical understanding of cybersecurity incident response actions and experience in establishing organizational policies and processes around cyber incident response. Specific actions for this position are listed below.

About the enterprise technology services team

The Enterprise Technology Services (ETS) team is accountable for all Infrastructure, Security, IT Operations and all End User Services and technologies. This group will ensure that our IT Services are flawless and secure, and that technology is delivered in an efficient, effective, and agile way, with a strong focus on experience.

It’s a dynamic and challenging environment to work in – but that’s why we like it. There are countless opportunities to learn and grow, whether that’s exploring new technologies in hackathons, or transforming the roles and work of colleagues, forever. This is your chance to be part of a team that has the backing to innovate, disrupt an industry and change lives.

Key Accountabilities

  • Work with AZ’s incident response and engineering staff in the execution of incident response activities including, but not limited to, threat assessment, forensics, data analysis, reporting and communication

  • Work with AZ security operations and incident response teams in planning and executing cybersecurity incident response activities

  • Conduct regular cyber security threat assessment and vulnerability analysis, including regular review and analysis of threat assessment reports and alerts

  • Review existing alerts to identify opportunities for tuning and work with cyber engineering teams to test and implement tuning requests

  • Participate in review of new SIEM use cases and develop runbooks that provide guidelines for analysing the specific threats related to new use cases

  • Evaluate use cases on a periodic basis to ensure they are still relevant, support monitoring of security risks, have the accurate data sources and are providing value

  • Develop and improve processes/procedures related to the Cyber Security Operation Center

  • Collaborate with the Incident Response team on the response, triage and escalation of security events affecting the company’s information assets and activities

  • Provide mentorship to build the controls vital for automated and proactive detection and prevention

Essential requirements

  • Demonstrated ability in an information security role

  • Proven technical proficiencies in operating systems, networking, security tools and cloud services

  • Knowledge of security industry practices and standards including

  • Experience with security assessments, incident response activities and working in environments subject to regulations (e.g., SOX, Data Privacy) and audit oversight

  • Security-related industry certifications are preferred, but not required (e.g., CISA, CISSP, GSEC, Security+)

  • Experience and ability to work in shifts on a rotational basis covering 24*7 support

  • Self-starter and self-motivated

  • Ability to work & collaborate optimally in a team environment.

  • Sense of urgency and able to apply risk-based approach to prioritize work

Desirable requirements

  • Ability to communicate clearly, effectively, persuasively, and credibly with internal management and external senior level oversight entities

  • Motivated to learn new technologies and identify process improvements and efficiencies

  • Ability to adapt to change while continuing to deliver on assigned objectives

  • Strong verbal and written communication skills

Why join us

We’re a network of entrepreneurial self-starters who contribute to something far bigger. There’s a diversity of expertise in our Technology group that’s unique to AstraZeneca – it allows us to dive deep into exploring new leading-edge technology.

A place to be open and transparent – we speak up, think creatively and share ideas. Our diverse contributions help us to make better decisions. But we have a constant drive to innovate, and an appreciation for high standards. It takes challenging the status quo to add value in our ever-evolving environment. We love it here because put simply, we make a meaningful impact. Technology at AstraZeneca is a home for purposeful disruptors!

So, what’s next?

  • Are you already envisioning yourself joining our team? Good, because we can’t wait to hear from you

  • Are you ready to bring new insights and fresh thinking to the table? Brilliant! We have one seat available, and we hope it’s yours

Where can I find out more?

Our social media: follow AstraZeneca on LinkedIn, Facebook and Instagram.


AstraZeneca embraces diversity and equality of opportunity. We are committed to building an inclusive and diverse team representing all backgrounds, with as wide a range of perspectives as possible, and harnessing industry-leading skills. We believe that the more inclusive we are, the better our work will be. We welcome and consider applications to join our team from all qualified candidates, regardless of their characteristics. We comply with all applicable laws and regulations on non-discrimination in employment (and recruitment), as well as work authorization and employment eligibility verification requirements.
