AstraZeneca
Pharmaceuticals
Senior Engineer - CyberSecurity
“Senior Engineer - CyberSecurity at AstraZeneca. Skills: Threat Detection Engineering, Incident Response Leadership, Purple Teaming. Build, tune, and validate detections. Lead threat hunts”
What You'll Achieve.
Lower false positives; Grow true positive coverage; Reduce mean time to detect; Reduce mean time to respond; Measurable outcomes; Scale signal-to-noise improvements; Assemble evidence quickly; Strengthen protection of sensitive research; Ensure continuity for teams delivering for patients
Industry & Context.
Finding and stopping threats; Responding decisively; Translating findings into durable control improvements; Closing identified gaps; Making confident containment decisions; Solving problems that matter
What They're Looking For.
Must Have
Hands-on expertise with Splunk, Hands-on expertise with Microsoft Defender, Develop and tune detection rules, Ethically validated tool outputs, Clear knowledge and work experience in the NIST incident response framework, Perform detailed root cause investigation, Perform timeline reconstruction of cyber incidents, Conduct investigative hunts using MITRE ATT&CK, Anomaly-based analysis of logs, Purple Teaming, Incident Response & Threat Hunting, SIEM/SOAR proficiency, EDR proficiency, Investigation with multiple security toolings, Steadfast integrity, Stability-focused approach, Clear crisis interpersonal skills
Nice to Have
Experience mentoring junior analysts, Acting as a shift lead, Familiarity with Qualys or similar VM platforms, Experience operationalizing CTI, Hands-on security experience in AWS, Hands-on security experience in Azure, Hands-on security experience in GCP, Exposure to SOAR playbook development, Exposure to malware triage, Exposure to purple-team exercises
What You'll Do.
Build, tune, and validate detections
Use TTP-centric methods
Orchestrate incident response
Conduct investigations and timeline reconstructions
Design and run adversary simulations
Partner with engineering to evolve pipelines
Leverage broad toolset
Provide crisis communications
Track detection coverage
Track false positive rates
Prioritize improvements
Baseline detection coverage
Retire high-noise detections
Shape threat-led strategy
How You'll Work.
Team & Collaboration
Partner with engineering; Collaborator communication; Provide clear, calm crisis communications to technical and non-technical leaders
Communication Scope
Clear, calm crisis communications
Full Job Description
## Job Title: Senior Engineer - CyberSecurity

## GCL: D3

## Introduction to role:

Are you ready to turn sophisticated detection engineering and threat hunting into real protection for groundbreaking innovations in science and the patients it serves? Do you want your decisions in the heat of an incident to safeguard labs, manufacturing lines, and global teams working at speed to deliver life-changing medicines? You will join a fast-paced technology community that is scaling modern systems and information to transform how we discover, develop, and deliver. Your mission is simple and high-stakes: keep critical research and operations resilient by finding and stopping threats earlier, responding decisively, and continuously raising our defensive bar.

## Accountabilities:

Threat Detection Engineering: Build, tune, and ethically validate high-fidelity detections in platforms such as Splunk, Microsoft Sentinel, and EDR. This lowers false positives while growing true positive coverage on priority attack pathways. Lead targeted threat hunts aligned with MITRE ATT&CK. Use TTP-centric methods to detect credential abuse, lateral movement, and stealthy persistence in Windows, DNS, and web telemetry.

Incident Response Leadership: Orchestrate end-to-end incident response using the NIST framework, from triage and containment to eradication and recovery, reducing mean time to detect and respond across global environments.

Root Cause Analysis and Forensics: Conduct detailed investigations and timeline reconstructions to understand initial access, propagation, and impact; translate findings into durable control improvements and updated playbooks.

Purple Teaming and Control Assurance: Design and run adversary simulations to validate detections and hardening without redefining critical operations, closing identified gaps with measurable outcomes.

Platform Ownership and Automation: Partner with engineering to evolve SIEM/EDR/SOAR pipelines, enrichments, and playbooks; drive