Title: Cyber Security Engineer

Mexico

Date: Nov 16, 2025

Job Req Id: 14503

Location:

Ciudad de Mexico, Ciudad de México, MX, 01210

Description:

Are you driven to make a real difference in the lives of patients?

We're seeking passionate individuals who thrive in dynamic environments, embrace new ideas and aren't afraid to take intelligent risks. People who act with unwavering integrity and are deeply committed to making a tangible impact.

Location and Working Environment

This position is based in Mexico City and will require onsite hybrid work.
At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.

Purpose and Scope

As a Cyber Security Engineer, you will play a critical role in safeguarding our organization’s information systems and data. This position has arisen due to Astellas insourcing the responsibility for managing security operations, developing automation for threat detection, and working towards ‘best in industry’ incident response. The successful candidate will work collaboratively within the Security Operations Center (SOC) and other Value Teams across the organization to ensure a proactive security posture and to mitigate risks associated with cyber threats in several areas.

Astellas has several roles that may fit candidates who do not have experience in all the areas outlined in the next section, therefore we encourage applicants who have experience in two or more areas listed below.

Role and Responsibilities

Security Operations Center (SOC) Management:

Support daily SOC operations, ensuring effective monitoring support, development of use cases and response to security incidents.
Manage application ingestion processes and email security protocols.
Support SIEM management, including logging and alerting.

Automation Development:

Develop and implement automation solutions for alerts from various security sources, ensure firewalls, IDS and EDR tools are working effectively.
Streamline processes to enhance the efficiency of security operations and help develop communication with other teams.

Threat Modelling:

Conduct threat modelling for applications to identify vulnerabilities and recommend mitigation strategies.
Analyze email tickets and develop tooling to improve response times and effectiveness.
Provide root cause analysis for the threat found and assist with remediation.

Anti-Malware and Endpoint Detection:

Assist in operational efforts to implement a global strategy for anti-virus (AV) solutions and optimize detection capabilities.
Ensure consistent standards for endpoint detection and response across the organization.

Continue: Role and Responsibilities

Incident Response:

Lead or support incident response efforts using an industry-recognized model and report escalations to senior leadership when required.
Collaborate with Red, Blue, and Purple teams to conduct penetration testing and improve security posture.
Conduct forensic analysis to investigate security incidents and recommend improvements.

Proactive Threat Hunting:

Engage in proactive threat hunting to identify potential security threats before they materialize.
Collaborate with teams to enhance detection and response capabilities.

Reporting and data analysis:

Engage in proactive collaboration across Value Teams, working with an agile mindset, and assist in the creation of dashboards and reporting for security governance.
Assist in the governance of security within cloud infrastructure.

Required Qualifications

Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
Proven experience in a cybersecurity role, preferably within a SOC/SIEM/SOAR environment.
Experience in using Microsoft Sentinel & Defender / Crowdstrike EDR / Wizz Cloud Security.
Strong knowledge of security frameworks, threat modelling, and incident response methodologies.
Awareness of infrastructure and network security features like firewall rules, event IDs, logging/detection, and managing assets in manufacturing / OT environments.
Experience of working with cloud security and insourced capabilities, as well as MSPs.
Experience with SIEM/Cloud security tools and automation technologies.
Familiarity with anti-malware solutions and endpoint detection strategies.
Proficiency in scripting languages for automation (e.g., Python, PowerShell) is an advantage.
Experience in digital forensics (log analysis and technical root cause assessment).

Preferred Qualifications

Security certification is an advantage.
Demonstrate knowledge of change management principles. Relevant certifications (e.g., Certified Information Systems Security Professional CISSP, Certified Ethical Hacker CEH or CompTIA Security+, etc.)
Excellent analytical and problem-solving skills.
Strong communication skills and the ability to work collaboratively in a small team environment where we share capacity and effort.
International/global experience is an advantage.

What awaits you at Astellas?

Global collaboration: Become part of a connected global business of like-minded life science leaders, all dedicated to improving patients' lives worldwide.

Real-world patient impact: Contribute to transformative therapies that reach patients around the world, knowing your work makes a difference every day.
Relentless Innovation: Join a company at the forefront of scientific breakthroughs, where you'll have the opportunity to shape the future of healthcare.

A Culture of Growth: Chart your own course within a supportive environment that values your contributions, champions your development, and empowers you to pursue your passions.

Our Organizational Values and Behaviors

Values: Innovation, Integrity and Impact sit at the heart of what we do.

Behaviors: We come together as ‘One Astellas’, working with courage and a sense of urgency. We are outcome focused and consistently take accountability for our personal contribution.