Incident Response Specialist
About Astellas
Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. We provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health. Through our research and development programs, we are pioneering new healthcare solutions for diseases with high unmet medical need. Learn more at Astellas.com.
Are you driven to make a real difference in the lives of patients?
We're seeking passionate individuals who thrive in dynamic environments, embrace new ideas, and aren't afraid to take intelligent risks. People who act with unwavering integrity and are deeply committed to making a tangible impact.
Purpose and Scope
As an Incident Response Specialist, you will play a critical role in safeguarding Astellas’ information systems and data by leading and coordinating the response to cyber security incidents across the enterprise. This position has arisen as part of Astellas’ strategy to mature its insourced security operations and establish a ‘best in industry’ incident response capability that operates effectively across a diverse and evolving technology landscape.
The successful candidate will work in a tool-agnostic manner across multiple security platforms and environments, ensuring consistent, efficient, and high-quality response to security incidents. You will collaborate closely with the Security Operations Center (SOC), infrastructure teams, and other Value Teams to contain threats, minimize business impact, and continuously improve response processes and resilience across the organization.
Essential Job Duties
Incident Response Leadership:
- Lead and coordinate end-to-end incident response activities using an industry-recognized framework (e.g., NIST, SANS), from detection through containment, eradication, and recovery.
- Act as the primary escalation point for complex or high-severity security incidents.
- Ensure consistent and effective response across multiple tools, platforms, and environments (cloud, on-prem, endpoints, OT where applicable).
Investigation and Forensics:
- Conduct detailed technical investigations, including log analysis, endpoint forensics, and network analysis to determine root cause and scope of incidents.
- Preserve and manage forensic evidence in line with legal and regulatory requirements.
- Produce clear and structured post-incident reports, including root cause analysis and recommendations.
Tool-Agnostic Operations:
- Operate across a wide range of security tooling (SIEM, EDR, SOAR, cloud security platforms) without reliance on a single vendor ecosystem.
- Correlate data from multiple sources to build a comprehensive view of incidents.
Process Improvement and Playbooks:
- Develop, maintain, and optimize incident response playbooks and runbooks.
- Identify gaps in detection and response capabilities and work with engineering and SOC teams to improve coverage.
Collaboration and Communication:
- Work closely with SOC analysts, threat hunters, and threat intelligence teams to enhance detection and response outcomes.
- Provide clear and timely communication to stakeholders, including senior leadership, during incident situations.
Exercises and Readiness:
- Support and lead incident response simulations, tabletop exercises, and purple team activities.
- Contribute to building organizational readiness and resilience against cyber threats.
Required Qualifications
- Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
- Proven experience in a cybersecurity role, preferably within a SOC/SIEM/SOAR environment.
- Experience using Microsoft Sentinel & Defender / CrowdStrike EDR / Wiz Cloud Security.
- Strong knowledge of security frameworks, threat modelling, and incident response methodologies.
Preferred:
- Security certification is an advantage.
- Demonstrated knowledge of change management principles. Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), or CompTIA Security+).
- Excellent analytical and problem-solving skills.
- Strong communication skills and the ability to work collaboratively in a small team environment where we share capacity and effort.
- International/global experience is an advantage.
- Experience with SIEM/Cloud security tools and automation technologies.
- Familiarity with anti-malware solutions and endpoint detection strategies.
- Proficiency in scripting languages for automation (e.g., Python, PowerShell) is an advantage.
- Experience in digital forensics (log analysis and technical root cause assessment).
- Awareness of infrastructure and network security features like firewall rules, event IDs, logging/detection, and managing assets in manufacturing / OT environments.
Location and Working Environment
- This position is remote and is based in Canada.
- At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.
What awaits you at Astellas?
- Global collaboration: Become part of a connected global business of like-minded life science leaders, all dedicated to improving patients' lives worldwide.
- Real-world patient impact: Contribute to transformative therapies that reach patients around the world, knowing your work makes a difference every day.
- Relentless Innovation: Join a company at the forefront of scientific breakthroughs, where you'll have the opportunity to shape the future of healthcare.
- A Culture of Growth: Chart your own course within a supportive environment that values your contributions, champions your development, and empowers you to pursue your passions.
Our Organizational Values and Behaviors
Values: Innovation, Integrity and Impact sit at the heart of what we do.
Behaviors: We come together as ‘One Astellas’, working with courage and a sense of urgency. We are outcome focused and consistently take accountability for our personal contribution.
Salary Range: $80,920-$115,600 CAD annually (final compensation will be determined based on a variety of factors, including but not limited to proficiency levels and organizational equity considerations)
*The salary range provided applies to Canada only and does not apply to any other locations outside of Canada.
Benefits:
- Medical, Dental and Vision Insurance
- Generous Paid Time Off options, including Vacation, Sick time and national holidays
- Registered Retirement Savings Plan Program (RRSP)
- Company paid life insurance
- Annual Corporate Bonus and Quarterly Sales Incentive for eligible positions
- Long Term Incentive Plan for eligible positions
- Wellness programs
Astellas may use artificial intelligence-enabled tools at various stages of the recruitment and selection process.
Additional information:
Astellas Pharma Canada welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the hiring process.
No telephone inquiries, in-person applications, or agencies please. While we appreciate all applications, only candidates under consideration will be contacted.