Are you ready to tackle a pivotal role in shaping the future of cyber security reporting? As a Cyber Security Reporting Manager, you will be at the forefront of designing, maintaining, and presenting high-quality cyber risk and operational health metrics. Your work will drive informed decisions and measurable risk reduction across AstraZeneca, ensuring transparency, compliance, and continuous improvement. You will collaborate with partners across all departments to deliver consistent, accurate, and actionable reporting that reaches senior leadership forums.
Responsibilities
* Metrics Strategy and Governance: Define and evolve the reporting framework for cyber risk, control effectiveness, incident trends, and operational health, ensuring alignment with AstraZeneca's policies and strategic priorities.
* Reporting Pack Delivery: Build and deliver comprehensive reporting packs to multiple stakeholder levels, including monthly tiered metrics to all leadership teams across AstraZeneca, with clear narratives, insights, and recommended actions.
* Data Quality and Automation: Partner with data owners to improve data completeness, accuracy, and timeliness; drive automation and standardization of dashboards and reports to reduce manual effort and increase reliability.
* Stakeholder Engagement: Collaborate closely with all Cyber Security domains, IT teams, and Business Technology Groups to consolidate inputs, validate findings, and ensure reporting reflects current posture and priorities.
* Compliance and Operational Health: Track and report on compliance with internal policies and external standards; surface operational health indicators (e.g., patching, vulnerability management, identity hygiene, control coverage) and drive accountability for remediation.
* Executive Communication: Translate technical detail into clear, compelling narratives for non-technical audiences; present findings in forums ranging from working groups to senior leadership meetings.
* Continuous Improvement: Identify trends, gaps, and opportunities; recommend and track corrective actions; evolve KPIs/KRIs to reflect emerging risks and business needs.
Qualifications
* Experience working in complex, multinational, corporate environments, where partners and team members are geographically dispersed.
* Experience in working with a range of technical and non-technical partners to translate requirements into actionable reporting.
* Demonstrable experience in analysing data from multiple sources, including Microsoft 365, Snowflake, SQL databases, and ServiceNow to identify patterns, trends, and key metrics with ability to produce an effective, insight-driven reporting portfolio using data visualisation tools such as PowerBI or Tableau, with a focus on clarity, accuracy, and actionability.
* Strong written and verbal skills with the ability to craft concise executive summaries, compelling visuals, and clear narratives that highlight risk, impact, and action.
* Skilled at translating complex technical concepts for both technical and non-technical audiences with meticulous attention to detail.
* Excellent problem solving and troubleshooting skills, autonomous working, direction and goal setting, with an ability to prioritise, re-schedule and adapt to changes in a dynamic environment.
* Demonstrable experience in Cyber Security, IT Risk, IT Operations, or related data/reporting/analytics roles.
* A relevant technical degree, competence or equivalent industry certification.
Desirable Skills/Experience
* A security / risk management related certification e.g. CISSP, CISM, CRISC etc
* Familiarity with NIST CSF, ISO 27001, CIS Controls, and regulatory expectations relevant to pharma/healthcare
* Understanding of core security domains such as vulnerability management, identity and access management, incident response, endpoint protection, cloud security, and compliance frameworks
* Understanding and experience of working in other IT disciplines and across a range of industries and sectors
* Experience with report automation, scripting, and API integrations
#J-18808-Ljbffr