Astellas Pharma
Website: astellas.com
Job details:
About Astellas
Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. We provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health. Through our research and development programs, we are pioneering new healthcare solutions for diseases with high unmet medical need. Learn more at Astellas.com (https://www.astellas.com/en).
Are you driven to make a real difference in the lives of patients?
We're seeking passionate individuals who thrive in dynamic environments, embrace new ideas, and aren't afraid to take intelligent risks. People who act with unwavering integrity and are deeply committed to making a tangible impact.
Purpose And Scope
The Identity Management Architect is responsible for defining, governing, and evolving the enterprise IAM architecture to ensure secure, scalable, and compliant access across systems and applications. The position is established to provide strategic ownership of IAM platforms, drive identity modernization initiatives, and align access controls with Zero Trust security principles. The IAM Architect will set architectural standards, guide solution design, and ensure consistent implementation across identity, access governance, and privileged access services.
Responsibilities And Accountabilities
- Define, own, and govern the enterprise IAM architecture, strategy, roadmap, and reference standards, aligned with business objectives, security policies, and regulatory requirements.
- Provide strategic ownership of IAM platforms, including Microsoft Entra ID, Conditional Access, Multi‑Factor Authentication (MFA), Identity Governance (IGA), and Privileged Access Management (PAM).
- Design end‑to‑end IAM solutions covering authentication, authorization, identity lifecycle management (Joiner–Mover–Leaver), and privileged access, ensuring scalability, resilience, and security‑by‑
- Establish and enforce architecture standards, design patterns, and guardrails to ensure consistent and secure implementation across applications, APIs, directories, and cloud platforms.
- Lead identity modernization initiatives, embedding Zero Trust principles, least‑privilege access, and risk‑based controls across all identity and access solutions.
- Architect and govern Single Sign‑On (SSO), federation (SAML, OAuth2, OpenID Connect), RBAC/ABAC models, and integrations across enterprise and third‑party systems.
- Identify and assess identity‑related security risks, emerging threats, and architectural gaps, and define remediation or design improvements to mitigate current and future risks.
- Evaluate current‑state IAM capabilities and define target‑state architectures, including trade‑offs, dependencies, and phased modernization roadmaps.
- Ensure IAM architecture aligns with enterprise security standards and relevant frameworks (e.g., NIST, ISO 27001) and supports audit and regulatory requirements (e.g., ISO, SOX, GDPR).
- Partner with security, engineering, application, HR, and business teams to translate requirements into scalable IAM solutions and present architectural decisions, risks, and recommendations to senior leadership.
- Drive continuous improvement through automation, innovation, and adoption of modern IAM technologies, improving both security posture and user experience.
Required Qualifications
- Bachelor’s or Master’s degree in Computer Science, Information Security, Engineering, or a related field, or equivalent extensive industry experience.
- 17–20+ years of IT experience, with deep expertise in Identity and Access Management and senior roles in enterprise architecture, platform ownership, or technical leadership within large, global organizations.
- Proven experience defining and governing enterprise‑scale IAM architecture and strategy across on‑premises, cloud, and hybrid environments.
- Deep expertise with Microsoft Entra ID, including Conditional Access, MFA, Identity Governance, hybrid identity, and modern authentication patterns.
- Strong knowledge across IAM domains and protocols, including SSO, federation (SAML, OAuth 2.0, OIDC), identity lifecycle (JML), Identity Governance (IGA), and Privileged Access Management (PAM).
- Demonstrated leadership in large‑scale IAM transformations, Zero Trust architecture, and risk‑based access controls.
- Experience establishing architecture standards and governance frameworks, and influencing senior stakeholders (CISO/CIO) on security and technology direction.
- Relevant certifications preferred, such as CISSP, CISM, TOGAF, or Microsoft Identity.
Preferred Qualifications
- Professional certifications such as CISSP, CISM, TOGAF, SABSA, or vendor certifications in Microsoft Entra ID, SailPoint, CyberArk, or equivalent IAM platforms.
- Experience leading global IAM transformation programs across multi‑region, highly regulated enterprises (e.g., pharmaceutical, healthcare, or financial services).
- Hands‑on exposure to enterprise IGA and PAM platforms, including vendor evaluation, tool selection, and IAM product strategy.
- Strong experience with multi‑cloud IAM architectures (Azure, AWS, GCP) and complex application ecosystems (SAP, HRMS, SaaS, cloud‑native platforms).
- Exposure to Customer IAM (CIAM) and external identity use cases at scale.
- Experience with Identity Threat Detection & Response (ITDR), identity analytics, and advanced identity security controls.
- Familiarity with DevSecOps practices, automation, API‑driven IAM architectures, and modern identity innovations, including passwordless authentication.
- Strong ability to influence executive stakeholders (CISO/CIO level) and drive strategic identity and security decisions.
Working Environment
At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility
What awaits you at Astellas?
- Global collaboration: Become part of a connected global business of like-minded life science leaders, all dedicated to improving patients' lives worldwide.
- Real-world patient impact: Contribute to transformative therapies that reach patients around the world, knowing your work makes a difference every day.
- Relentless Innovation: Join a company at the forefront of scientific breakthroughs, where you'll have the opportunity to shape the future of healthcare.
- A Culture of Growth: Chart your own course within a supportive environment that values your contributions, champions your development, and empowers you to pursue your passions.
Our Organizational Values and Behaviors
Values: Innovation, Integrity and Impact sit at the heart of what we do.
Behaviors: We come together as ‘One Astellas’, working with courage and a sense of urgency. We are outcome focused and consistently take accountability for our personal contribution.
Category Digital Infrastructure & Cybersecurity (SUB00000711)
Astellas is committed to equality of opportunity in all aspects of employment.
EOE including Disability/Protected Veterans