US: Associate Director, Cloud Security & Integration Architect

Legend Biotech US•Somerset, NJ

7h•Hybrid

About The Position

Legend Biotech is a global biotechnology company dedicated to treating, and one day curing, life-threatening diseases. Headquartered in Somerset, New Jersey, they are developing advanced cell therapies across diverse technology platforms. Legend Biotech entered into a global collaboration agreement with Janssen to jointly develop and commercialize ciltacabtagene autolecuel (cilta-cel). The company is seeking an Associate Director, Cloud Security & Integration Architect as part of the IT team based in Somerset, NJ. This individual will lead cloud security and integration initiatives, system hardening, and tooling across the enterprise, leveraging leading-edge technologies to improve efficiency, support aggressive growth, and enhance the organization’s overall security posture. The role involves driving continuous improvement of the cloud security strategy, designing and facilitating cloud security implementations, and collaborating with cloud platform owners to create security guardrails and controls guidance. The architect will act as a subject matter expert on cloud security, reviewing and assessing cloud infrastructure architectures, and leading the Identity and Access Management program globally, contributing to a zero-trust strategy. Responsibilities also include developing and maintaining security frameworks, architectures, technical standards, and guidelines across identity, networks, infrastructure, and endpoints. This role leads a Global team, provides advisory support for all entities, and owns security and design control processes for all on-premise and cloud applications. The individual will evaluate security tooling, identify gaps with the ISO team, research new tools, and provide security architecture guidance for GxP environments to mitigate cyber threats. The ideal candidate will have a team-oriented approach, balancing security needs with user experience, and possess expertise in enterprise security architecture governance, industry-standard cybersecurity frameworks, cloud computing, and cloud architecture. Collaboration with various business units is essential to align cybersecurity controls and investments with company business and strategic goals.

Requirements

A minimum of a Bachelor’s Degree in a relevant discipline.
A minimum 15 years in Cybersecurity strategy, architecture and operations (programs and capabilities).
Relevant working experience, 10 years within pharmaceutical, biotech or cybersecurity industries.
Cloud security services (IAM, KMS, WAF, Shield, Defender, GuardDuty, Sentinel, etc.).
Identity and access management, including federation and privileged access management.
Network security: VPC/VNet design, firewalls, private connectivity, VPNs, and ExpressRoute/Direct Connect.
Infrastructure as Code (Terraform, Bicep, CloudFormation).
CI/CD and DevSecOps integration.
API security, integration platforms, and messaging systems.

Nice To Haves

Advanced degree is preferred.

Responsibilities

Define and maintain cloud security architecture standards for AWS, Azure, and/or GCP.
Design and enforce secure landing zones, network segmentation, identity models, and encryption strategies.
Lead implementation of Zero Trust, defense-in-depth, and least-privilege access models.
Align cloud security architecture with enterprise security frameworks (e.g., NIST, ISO 27001, CIS).
Architect secure integrations between cloud, on-premises, SaaS, and third-party platforms.
Define patterns for API security, event-driven architectures, middleware, and data integration.
Ensure resilience, scalability, and observability of integrated systems.
Oversee identity federation and SSO integrations (Azure AD / Entra ID, IAM, SAML, OAuth, OIDC).
Ensure cloud environments meet regulatory and compliance requirements (e.g., SOC 2, HIPAA, PCI-DSS, SOX, GDPR).
Partner with risk, audit, and compliance teams on security assessments and remediation plans.
Lead threat modeling and security architecture reviews for cloud initiatives.
Act as a technical authority and advisor for cloud security and integration decisions.
Mentor architects and senior engineers across cloud and security domains.
Collaborate with application, DevOps, and platform teams to drive secure cloud adoption.
Present architecture decisions and risk tradeoffs to senior leadership and executives.
Guide selection and implementation of cloud security tooling (CSPM, CWPP, SIEM, CASB, CNAPP).
Support incident response and forensic analysis for cloud-related security events.
Drive automation of security controls and policy enforcement.
Evaluate emerging cloud and security technologies and recommend adoption strategies.
Lead security and system documentation Non GxP and Non-GxP.
Lead and provide oversight with Enterprise Cyber Security in mind.
Lead the Security efforts for modern workplace.
Lead OT data and system Governance program and operations.
Oversee Legend’s Global Identity & Access Management (IAM).
Oversee User Access Management (UAM), Privilege Access Management (PAM/PIM) Services.

Benefits

Medical insurance
Dental insurance
Vision insurance
401(k) retirement plan with a company match that vests fully on day one
Eight (8) weeks of paid parental leave after just three (3) months of employment
Paid time off policy that includes vacation time
Personal time
Sick time
Floating holidays
Eleven (11) company holidays
Flexible spending accounts
Health savings accounts
Life and AD&D insurance
Short- and long-term disability coverage
Legal assistance
Supplemental plans such as pet insurance
Critical illness insurance
Accident insurance
Hospital indemnity insurance
Voluntary commuter benefits
Family planning and care resources
Well-being initiatives
Peer-to-peer recognition programs