US: Associate Director, Cloud Security & Integration Architect

This individual will lead cloud security and integration initiatives with system hardening and tooling initiative across the enterprise. Be able to leverage leading-edge technologies, and improve efficiency, support aggressive growth, and improve the organization's overall security posture. Drive continuous improvement of the cloud security strategy and lead designing and facilitating cloud security specific implementations and workflows enabled by tooling, templates and cloud native services. Will collaborate with cloud platform owners to create security guardrails controls guidance and perform as a subject matter expert on cloud security with expertise and responsibilities to review and assess cloud infrastructure architectures. This person will also lead and own the Identity and access management program and establish process and procedures for Legend globally and contribute to a zero trust strategy. In this role you will develop and maintain security frameworks and architectures, technical standards and guidelines across the security domains of identity, networks infrastructure and endpoints. This role will be leading a Global team will play an advisory role for all entity. The individual will lead and own the Security and Design control and process for all applications on-premise and cloud. Evaluating security tooling, work with the ISO team to understand any gaps in the tooling/environment, assist with researching new tools the business plans to implement. In addition, will provide security architecture guidance for GxP environments to mitigate potential cyber threats and risks. The right candidate must have team oriented approach that balances security needs and user experience to provide best in class security to the organization with subject matter expertise in enterprise security architecture governance and industry standard cybersecurity frameworks, cloud computing and cloud architecture. You will collaborate with various Business units to ensure cybersecurity controls and investments are aligned with the company business and strategic goals., Cloud Security Architecture & Strategy

• Define and maintain cloud security architecture standards for AWS, Azure, and/or GCP.
• Design and enforce secure landing zones, network segmentation, identity models, and encryption strategies.
• Lead implementation of Zero Trust, defense-in-depth, and least-privilege access models.
• Align cloud security architecture with enterprise security frameworks (e.g., NIST, ISO 27001, CIS).

Cloud & Hybrid Integration Architecture

• Architect secure integrations between cloud, on-premises, SaaS, and third-party platforms.
• Define patterns for API security, event-driven architectures, middleware, and data integration.
• Ensure resilience, scalability, and observability of integrated systems.
• Oversee identity federation and SSO integrations (Azure AD / Entra ID, IAM, SAML, OAuth, OIDC).

Governance, Risk & Compliance

• Ensure cloud environments meet regulatory and compliance requirements (e.g., SOC 2, HIPAA, PCI-DSS, SOX, GDPR).
• Partner with risk, audit, and compliance teams on security assessments and remediation plans.
• Lead threat modeling and security architecture reviews for cloud initiatives.

Leadership & Stakeholder Engagement

• Act as a technical authority and advisor for cloud security and integration decisions.
• Mentor architects and senior engineers across cloud and security domains.
• Collaborate with application, DevOps, and platform teams to drive secure cloud adoption.
• Present architecture decisions and risk tradeoffs to senior leadership and executives.

Operational Excellence

• Guide selection and implementation of cloud security tooling (CSPM, CWPP, SIEM, CASB, CNAPP).
• Support incident response and forensic analysis for cloud-related security events.
• Drive automation of security controls and policy enforcement.
• Evaluate emerging cloud and security technologies and recommend adoption strategies.
• Lead security and system documentation Non GxP and Non-GxP
• Lead and provide oversight with Enterprise Cyber Security in mind
• Lead the Security efforts for modern workplace
• Lead OT data and system Governance program and operations
• Oversee Legend's Global Identity & Access Management (IAM)
• Oversee User Access Management (UAM), Privilege Access Management (PAM/PIM) Services

A minimum of a Bachelor's Degree in a relevant discipline, advanced degree is preferred., * A minimum 15 years in Cybersecurity strategy, architecture and operations (programs and capabilities).

• Relevant working experience, 10 years within pharmaceutical, biotech or cybersecurity industries.

IT Skills

• Cloud security services (IAM, KMS, WAF, Shield, Defender, GuardDuty, Sentinel, etc.). I
• Identity and access management, including federation and privileged access management.
• Network security: VPC/VNet design, firewalls, private connectivity, VPNs, and ExpressRoute/Direct Connect.
• Infrastructure as Code (Terraform, Bicep, CloudFormation).
• CI/CD and DevSecOps integration.
• API security, integration platforms, and messaging systems

#Li-LB1

The base pay range below is what Legend Biotech USA Inc. reasonably expects to offer at the time of posting. Actual compensation may vary based on experience, skills, qualifications, and geographic location. The company reserves the right to modify this range as needed and in accordance with applicable laws.

Other Types of Pay: Performance-based bonus and/or equity is available to employees in eligible roles.

Benefits and Paid Time Off: Medical, dental, and vision insurance as well as a 401(k) retirement plan with a company match that vests fully on day one. We offer eight (8) weeks of paid parental leave after just three (3) months of employment, and a paid time off policy that includes vacation time, personal time, sick time, floating holidays, and eleven (11) company holidays. Additional voluntary benefits include flexible spending and health savings accounts, life and AD&D insurance, short- and long-term disability coverage, legal assistance, and supplemental plans such as pet, critical illness, accident, and hospital indemnity insurance. We also provide voluntary commuter benefits, family planning and care resources, well-being initiatives, and peer-to-peer recognition programs; demonstrating our ongoing commitment to building a culture where our people feel empowered, supported, and inspired to do their best work.

Pay Range (Base Pay):

$168,372 - $220,988 USD

Please note: These benefits are offered exclusively to permanent full-time employees. Contractors are not eligible for benefits through Legend Biotech.

Legend Biotech is a global biotechnology company dedicated to treating, and one day curing, life-threatening diseases. Headquartered in Somerset, New Jersey, we are developing advanced cell therapies across a diverse array of technology platforms, including autologous and allogenic chimeric antigen receptor T-cell, T-cell receptor (TCR-T), and natural killer (NK) cell-based immunotherapy. From our three R&D sites around the world, we apply these innovative technologies to pursue the discovery of safe, efficacious and cutting-edge therapeutics for patients worldwide. Legend Biotech entered into a global collaboration agreement with Janssen, one of the pharmaceutical companies of Johnson & Johnson, to jointly develop and commercialize ciltacabtagene autolecuel (cilta-cel). Our strategic partnership is designed to combine the strengths and expertise of both companies to advance the promise of an immunotherapy in the treatment of multiple myeloma. Legend Biotech is seeking an Associate Director, Cloud Security & Integration Architect as part of the IT team based in Somerset, NJ., Legend Biotech was founded as an early-stage cell therapy company in 2014. The company was the brainchild of visionary scientists who recognized that antibody-based therapeutics could potentially treat disease and possessed the backgrounds in immunology and gene editing to take the leap. For two years, Legend Biotech, then known as the "Legend Project," operated in a room the size of a freight elevator, with the goal of creating a cell therapy for multiple myeloma, a hematological cancer that often relapses and can become refractory. The team produced nanobodies for single-domain antibody drugs and ultimately extended the half-life of the nanobodies with proprietary technologies. In 2015, Legend's scientists focused on research for chimeric antigen-receptor T-cells (CAR-T) targeting the BCMA protein, making the biotech one of the first companies in the world to engineer CAR-T cells for the BCMA protein. In 2016, investigator-initiated trials began in China. In 2017, data from the trials were presented at the American Society for Clinical Oncology (ASCO), which led to a partnership with biopharmaceutical company Janssen Biotech, Inc. to co-develop the anti-BCMA CAR-T, ciltacabtagene autoleucel (cilta-cel). Applications seeking approval of cilta-cel for the treatment of patients with RRMM are currently under regulatory review by several health authorities around the world. CARVYKTI (ciltacabtagene autoleucel) was approved by the U.S. Food and Drug Administration in February 2022 and received conditional marketing approval from the European Medicines Agency in May 2022. Today Legend Biotech is a global, commercial-stage company driven by a passion for patients. We continue to build our pipeline of cell therapy platforms, which includes CAR-T, CAR-NK, CAR-γδ T and non-gene-editing CAR technologies. Our goal is to bring hope and opportunity to patients and their families by continuing to explore unique technologies.