Director, Cyber Security Incident Response Team (CSIRT)
$169,320–$253,980 year
Hybrid · Gaithersburg, Maryland, United States
Job Summary
Directs and leads the CSIRT within AstraZeneca’s Global Cybersecurity Operations Center, commanding incident response across hybrid and OT environments, driving incident governance, forensics coordination, and executive reporting. Responsibilities include executing the IR plan, maintaining crisis management handoffs, coordinating with Legal, Risk, IT, and other stakeholders, running exercises (tabletop and purple-team), ensuring 24x7 coverage with seamless handoffs, and advancing automation (SIEM/XDR/SOAR) to reduce MTTR. The role emphasizes leadership, cross-functional collaboration, and a strong focus on governance, readiness, and post-incident improvements. Education and leadership experience in enterprise-scale security operations and incident response are required; security certifications are preferred. The position is based in Gaithersburg, MD, with an in-person/office-focused work model and an emphasis on collaboration across global teams.
Required Qualifications
- Bachelor’s degree in information security, computer science, or related field (or equivalent experience)
- Enterprise-scale SOC/IR leadership: 5+ years managing Cyber Security Operations Centre Incident Response in enterprise-sized organizations
- Global coordination with Regional SOCs: Experience integrating and working alongside global, 24x7, distributed teams to complete incident response and cyber operations missions
- Communication and facilitation: Well developed skills to explain complex technical issues in clear business terms; produce concise written material (executive updates, IR reports); and lead briefings
- Analytical decision making: Ability to analyze complex situations, assess risk, and balance strategic and tactical security requirements with business pragmatism, risk appetite, and innovation
- Customer orientation and cross-cultural working: Demonstrated ability to collaborate across regions and functions (IT, Legal, GRC, Physical Security) with a strong service outlook
- Preferred Skills & Experience: Certifications: Security certifications preferred (e.g., CISSP, CISM, GIAC such as GCIH/GCFA/GREM; CCSP; ITIL)
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.