Incident Response Specialist

Astellas

Job Details

  • Location: Markham, ON, L3R 0B8
  • Date Posted: 2026-04-10
  • Employment Type: Full Time
  • Category: Information Security Analysts
  • Req Number: 26-POS00077803M

Description

About Astellas

Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. We provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health. Through our research and development programs, we are pioneering new healthcare solutions for diseases with high unmet medical need. Learn more at Astellas.com.

Are you driven to make a real difference in the lives of patients?

We're seeking passionate individuals who thrive in dynamic environments, embrace new ideas, and aren't afraid to take intelligent risks. People who act with unwavering integrity and are deeply committed to making a tangible impact.

Purpose and Scope

As an Incident Response Specialist, you will play a critical role in safeguarding Astellas’ information systems and data by leading and coordinating the response to cyber security incidents across the enterprise. This position has arisen as part of Astellas’ strategy to mature its insourced security operations and establish a ‘best in industry’ incident response capability that operates effectively across a diverse and evolving technology landscape.

The successful candidate will work in a tool-agnostic manner across multiple security platforms and environments, ensuring consistent, efficient, and high-quality response to security incidents. You will collaborate closely with the Security Operations Center (SOC), infrastructure teams, and other Value Teams to contain threats, minimize business impact, and continuously improve response processes and resilience across the organization.

Essential Job Duties

Incident Response Leadership:

  • Lead and coordinate end-to-end incident response activities using an industry-recognized framework (e.g., NIST, SANS), from detection through containment, eradication, and recovery.
  • Act as the primary escalation point for complex or high-severity security incidents.
  • Ensure consistent and effective response across multiple tools, platforms, and environments (cloud, on-prem, endpoints, OT where applicable).

Investigation and Forensics:

  • Conduct detailed technical investigations, including log analysis, endpoint forensics, and network analysis to determine root cause and scope of incidents.
  • Preserve and manage forensic evidence in line with legal and regulatory requirements.
  • Produce clear and structured post-incident reports, including root cause analysis and recommendations.

Tool-Agnostic Operations:

  • Operate across a wide range of security tooling (SIEM, EDR, SOAR, cloud security platforms) without reliance on a single vendor ecosystem.
  • Correlate data from multiple sources to build a comprehensive view of incidents.

Process Improvement and Playbooks:

  • Develop, maintain, and optimize incident response playbooks and runbooks.
  • Identify gaps in detection and response capabilities and work with engineering and SOC teams to improve coverage.

Collaboration and Communication:

  • Work closely with SOC analysts, threat hunters, and threat intelligence teams to enhance detection and response outcomes.
  • Provide clear and timely communication to stakeholders, including senior leadership, during incident situations.

Exercises and Readiness:

  • Support and lead incident response simulations, tabletop exercises, and purple team activities.
  • Contribute to building organizational readiness and resilience against cyber threats.