US: Associate Director, Cloud Security & Integration Architect

Legend Biotech US•Somerset, NJ

23h•Hybrid

About The Position

Legend Biotech is a global biotechnology company dedicated to treating, and one day curing, life-threatening diseases. Headquartered in Somerset, New Jersey, we are developing advanced cell therapies across a diverse array of technology platforms, including autologous and allogenic chimeric antigen receptor T-cell, T-cell receptor (TCR-T), and natural killer (NK) cell-based immunotherapy. From our three R&D sites around the world, we apply these innovative technologies to pursue the discovery of safe, efficacious and cutting-edge therapeutics for patients worldwide. Legend Biotech entered into a global collaboration agreement with Janssen, one of the pharmaceutical companies of Johnson & Johnson, to jointly develop and commercialize ciltacabtagene autolecuel (cilta-cel). Our strategic partnership is designed to combine the strengths and expertise of both companies to advance the promise of an immunotherapy in the treatment of multiple myeloma. Legend Biotech is seeking an Associate Director, Cloud Security & Integration Architect as part of the IT team based in Somerset, NJ. This individual will lead cloud security and integration initiatives with system hardening and tooling initiative across the enterprise. Be able to leverage leading-edge technologies, and improve efficiency, support aggressive growth, and improve the organization’s overall security posture. Drive continuous improvement of the cloud security strategy and lead designing and facilitating cloud security specific implementations and workflows enabled by tooling, templates and cloud native services. Will collaborate with cloud platform owners to create security guardrails controls guidance and perform as a subject matter expert on cloud security with expertise and responsibilities to review and assess cloud infrastructure architectures. This person will also lead and own the Identity and access management program and establish process and procedures for Legend globally and contribute to a zero trust strategy. In this role you will develop and maintain security frameworks and architectures, technical standards and guidelines across the security domains of identity, networks infrastructure and endpoints. This role will be leading a Global team will play an advisory role for all entity. The individual will lead and own the Security and Design control and process for all applications on-premise and cloud. Evaluating security tooling, work with the ISO team to understand any gaps in the tooling/environment, assist with researching new tools the business plans to implement. In addition, will provide security architecture guidance for GxP environments to mitigate potential cyber threats and risks. The right candidate must have team oriented approach that balances security needs and user experience to provide best in class security to the organization with subject matter expertise in enterprise security architecture governance and industry standard cybersecurity frameworks, cloud computing and cloud architecture. You will collaborate with various Business units to ensure cybersecurity controls and investments are aligned with the company business and strategic goals.

Requirements

A minimum of a Bachelor’s Degree in a relevant discipline
A minimum 15 years in Cybersecurity strategy, architecture and operations (programs and capabilities).
Relevant working experience, 10 years within pharmaceutical, biotech or cybersecurity industries.
Cloud security services (IAM, KMS, WAF, Shield, Defender, GuardDuty, Sentinel, etc.).
Identity and access management, including federation and privileged access management.
Network security: VPC/VNet design, firewalls, private connectivity, VPNs, and ExpressRoute/Direct Connect.
Infrastructure as Code (Terraform, Bicep, CloudFormation).
CI/CD and DevSecOps integration.
API security, integration platforms, and messaging systems.

Nice To Haves

Advanced degree is preferred.

Responsibilities

Define and maintain cloud security architecture standards for AWS, Azure, and/or GCP.
Design and enforce secure landing zones, network segmentation, identity models, and encryption strategies.
Lead implementation of Zero Trust, defense-in-depth, and least-privilege access models.
Align cloud security architecture with enterprise security frameworks (e.g., NIST, ISO 27001, CIS).
Architect secure integrations between cloud, on-premises, SaaS, and third-party platforms.
Define patterns for API security, event-driven architectures, middleware, and data integration.
Ensure resilience, scalability, and observability of integrated systems.
Oversee identity federation and SSO integrations (Azure AD / Entra ID, IAM, SAML, OAuth, OIDC).
Ensure cloud environments meet regulatory and compliance requirements (e.g., SOC 2, HIPAA, PCI-DSS, SOX, GDPR).
Partner with risk, audit, and compliance teams on security assessments and remediation plans.
Lead threat modeling and security architecture reviews for cloud initiatives.
Act as a technical authority and advisor for cloud security and integration decisions.
Mentor architects and senior engineers across cloud and security domains.
Collaborate with application, DevOps, and platform teams to drive secure cloud adoption.
Present architecture decisions and risk tradeoffs to senior leadership and executives.
Guide selection and implementation of cloud security tooling (CSPM, CWPP, SIEM, CASB, CNAPP).
Support incident response and forensic analysis for cloud-related security events.
Drive automation of security controls and policy enforcement.
Evaluate emerging cloud and security technologies and recommend adoption strategies.
Lead security and system documentation Non GxP and Non-GxP
Lead and provide oversight with Enterprise Cyber Security in mind
Lead the Security efforts for modern workplace
Lead OT data and system Governance program and operations
Oversee Legend’s Global Identity & Access Management (IAM)
Oversee User Access Management (UAM), Privilege Access Management (PAM/PIM) Services

Benefits

Medical, dental, and vision insurance
401(k) retirement plan with a company match that vests fully on day one.
Eight (8) weeks of paid parental leave after just three (3) months of employment
Paid time off policy that includes vacation time, personal time, sick time, floating holidays, and eleven (11) company holidays.
Flexible spending and health savings accounts
Life and AD&D insurance
Short- and long-term disability coverage
Legal assistance
Supplemental plans such as pet, critical illness, accident, and hospital indemnity insurance.
Voluntary commuter benefits
Family planning and care resources
Well-being initiatives
Peer-to-peer recognition programs
Performance-based bonus and/or equity is available to employees in eligible roles.