Principle Chapter Lead, Risk and Compliance

**Purpose**:
This global role will play a crucial part in overseeing and enhancing the governance, risk management, and compliance of Astellas' security practices.

**Essential Job Responsibilities**:
Develop and coach a high-performing global team in various disciplines within DigitalX including Information Security, PODs and Value Teams.

Product Security and Infrastructure Risk and Compliance

Develop and continuously evolve a strong governance, risk, and compliance framework for Astellas' security practices

Partner closely with Legal and Ethics & Compliance to ensure adherence to relevant laws and regulatory requirements

Establish and lead a comprehensive risk management program to identify, assess, mitigate and monitor security risks across the organization

Revamp and lead the Third-Party Risk Management program, ensuring that security risks associated with third-party relationships are identified and managed effectively

Establish a comprehensive data security strategy that aligns with the overarching objectives of the information security program

Lead the development and implementation of an AI governance strategy, ensuring effective operationalization of AI technologies across the organization

Ensure infrastructure platforms are secure, reliable and capable of supporting Astellas

Serve as the primary liaison for all DigitalX audit activities, internal assessments, and regulatory engagements, ensuring collaborative communication and coordination among all involved.

Monitor and report on all DigitalX audits, ensuring timely remediation of identified issues and transparent communication to relevant stakeholders

Revamp DigitalX policies, standards, and procedure documentation to eliminate redundancies, streamline processes and reduce amount of training time required

Establish internal assessment program to evaluate Astellas’ cybersecurity maturity, continuously benchmarking against peers and industry standards

Ensure that all contracts incorporate appropriate security language to safeguard sensitive information and establish clear responsibilities for data protection and compliance.

Oversee security initiatives in China, ensuring compliance with China-specific regulations and fostering a strong security culture within the region

Own all DigitalX LMS training to ensure the development, delivery, and continuous improvement of DigitalX training

**Qualifications Required**:
Bachelor's degree

10+ years of IT and/or security experience in data security, information security or a related field

At least 10 years of experience in information security, risk management, or a related field, with a minimum of 5 years in a leadership or managerial role

In-depth knowledge of security assurance, risk management frameworks, and regulatory compliance requirements, including NIS2, SEC, and China-specific cybersecurity regulations.

Proven experience in implementing and managing security assurance and risk management programs in a global organization

Strong understanding of cybersecurity risk assessment methodologies and industry best practices

Excellent knowledge of cybersecurity frameworks, such as NIST CSF, ISO 27001, or similar.

Demonstrated ability to effectively interface with internal and external stakeholders, including auditors and regulators.

Experience in managing security-related vendor contracts and agreements.

Strong leadership and team management skills, with a focus on talent development and performance management.

Excellent communication and presentation skills, both written and verbal.

**Working Environment**:

- At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.

Category TechX

Astellas is committed to equality of opportunity in all aspects of employment.

EOE including Disability/Protected Veterans