Vulnerability and Patch Governance Analyst

About Astellas: At Astellas, we believe that nurturing exceptional relationships with our employees delivers exceptional business results. Everyone at Astellas has a responsibility for creating a brighter future for patients around the world. From the first moment, Astellas will inspire you to put this ethos into practice – with a positive, agile company culture and with well-defined ethical principles, values, and systems Astellas’ Global Capability Centres – Overview Astellas’ Global Capability Centres (GCCs) are strategically located sites that give Astellas the ability to access talent across various functions in the value chain and to co-locate core capabilities that are currently dispersed. Our three GCCs are located in India, Poland and Mexico. The GCCs will enhance our operational efficiency, resilience and innovation potential, enabling a timely response to changing business demands. Our GCCs are an integral part of Astellas, guided by our shared values and behaviors, and are critical enablers of the company’s strategic priorities, sustainable growth, and commitment to turn innovative science into VALUE for patients. Purpose and Scope: The Vulnerability Management (ASM) Engineer will play a vital role in assisting with the organization's vulnerability management processes, patching governance, and system remediation initiatives. The ideal candidate will support the identification, tracking, and remediation of vulnerabilities, while also assisting in patch management cycles and helping address systems that are approaching end-of-life (EOL). Responsibilities and Accountabilities: Vulnerability Management: Perform vulnerability scanning using tools such as Qualys, Tenable.io, Rapid7 Nexpose, or OpenVAS to identify system vulnerabilities and security risks. Support in triaging and prioritizing vulnerabilities based on risk and impact to the organization. Document vulnerabilities and work with other teams to coordinate remediation efforts. Patching Governance: Assist in patch deployment efforts across the organization's systems and applications. Monitor patching status and ensure patch compliance across all platforms. Help track and document the progress of patch cycles and ensure patches are applied timely. EOL System Remediation : Assist in identifying legacy systems and applications approaching end-of-life (EOL) status. Collaborate with teams to recommend solutions, including patching or system replacements. Support efforts to implement compensating controls for unsupported systems. Reporting & Documentation: Assist in creating regular status reports for vulnerability management and patching activities. Contribute to the creation of internal documentation for processes and procedures. Provide input for reports to leadership regarding the status of vulnerability management, patching compliance, and EOL remediation. Collaboration: Work with IT teams, security teams, and other stakeholders to ensure vulnerabilities are addressed in a timely manner. Participate in regular meetings to discuss vulnerability trends, patching schedules, and system remediation plans Required Qualifications: Experience: 5 years of experience in IT security, vulnerability management, or related fields. Familiarity with vulnerability scanning tools like Qualys , Tenable.io , or Rapid7 Nexpose . Exposure to patch management tools such as SCCM , WSUS , or Ivanti is a plus. Technical Skills: Basic understanding of vulnerability management, patching processes, and remediation techniques. Familiarity with security frameworks such as CIS , NIST , or ISO 27001 . Fluent in written and spoken business English and Spanish. Certifications (Preferred): CompTIA Security or other relevant certifications. Soft Skills: Strong attention to detail and the ability to follow processes. Good communication skills for working within a team and interacting with stakeholders. Ability to learn quickly and stay updated with emerging vulnerabilities and security trends. Working Environment This position is based in Mexico City and will require hybrid work. At Astellas we recognize the importance of work/life balance, and we are proud to offer a hybrid working solution allowing time to connect with colleagues at the office with the flexibility to also work from home. We believe this will optimize the most productive work environment for all employees to succeed and deliver. Hybrid work from certain locations may be permitted in accordance with Astellas’ Responsible Flexibility Guidelines.

Location: Mexico, MX

Posted Date: 8/2/2025