Cyber Risk Manager
Poznan Pastelowa, Poland
GSK
At GSK, we unite science, technology and talent to get ahead of disease together.
The Cyber Risk Manager will play a crucial role in helping to communicate, prioritise and reduce cyber risk, improve security
posture, and build cyber security resilience within R&D, leveraging technical expertise and business acumen to balance and communicate
security risks to key business leaders and stakeholders. This role will be responsible for identifying, analysing, and influencing the management
of security risks across the business function.
This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following:
· Partner effectively with the business unit, GRC, Legal, and the wider Cyber Security Office (CSO) teams to eliminate overlaps and
provide a holistic and consistent cyber security posture.
· Ensure consistent and continual alignment to the business and CSO strategy through oversight of the Cyber Risk Management
framework, activities and processes including all aspects of Key Risk Indicator (KRI) metrics and risk profile reporting.
· Monitor and drive cyber risk management and information security, ensuring that operational controls, procedures, and resources are
in place to effectively identify and manage risk.
· Guide business owners and relevant stakeholders throughout the entire delivery lifecycle ensuring that information security is
considered in a proportionate and tailored way.
· Support programs that develop business unit metrics to measure, report, and enable decision making regarding organizational
controls, compliance, and policy effectiveness.
· Facilitate process and walkthrough discussions to document end-to-end business processes, functional requirements, identify key
cyber risks and exposures, and advocate for control design.
· Work with business unit stakeholders to perform/assist risk assessments, business impact analyses, and tests of business continuity
plans, and continuously strengthen the corporate business continuity program and framework.
· Maintain current knowledge of cyber security and cyber risk management requirements and accreditation standards and monitor
changes in technology impacting security & risk posture.
· Engage in upskilling activities as necessary to maintain a high level of cyber security risk understanding.
· Propose ways of eliminating duplication and/or automating tasks to ensure cost effectiveness and operational efficiency.
· Partner with the outsourced third-party provider to effectively deliver a cyber risk service, reducing response times and improving
integration and automation.
Why you?
Basic Qualifications:
We are looking for professionals with these required skills to achieve our goals:
- 7+ years of cyber security experience
- Deep experience and knowledge across different frameworks and standards such as ISO 27001, NIST, CIS etc.
- Demonstrated experience and understanding of cyber security principles, cyber risk management, IT security controls, and related technologies and products
- Stakeholder/ internal business management experience
- Strong verbal/written communication in English, with the ability to effectively interact with professionals at all levels of responsibility and authority
- Building and working with teams located in different countries around the world, aligning and adapting different work, culture and communication styles.
- Exposure to technologies used to conduct cyber risk management
- Experience conducting risk assessments and applying concepts of inherent and residual risk to draw appropriate conclusions and articulate the same to non-technical audiences.
- Ability to effectively negotiate appropriate remediation of security gaps with third party representatives to ensure protection of GSK information.
Benefits:
· Career at one of the leading global healthcare companies
· Company Car or Car Allowance
· Long-Term incentives
· Contract of employment
· Attractive reward package (annual bonus & awards for outstanding performance, recognition awards for additional achievements and engagement, holiday benefits)
· Life insurance and pension plan
· Private medical package with additional preventive healthcare services for employees and their eligible
· Sports cards (Multisport)
· Possibilities of development within the role and company’s structure
· Personalized learning approach
· Extensive support of work life balance (flexible working solutions, short Fridays option, health & well-being activities)
· Supportive community and integration events
· Modern office with creative rooms, fresh fruit every day
· Free car and bike parking, locker rooms and showers
Why GSK?
Uniting science, technology and talent to get ahead of disease together.
GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. We prevent and treat disease with vaccines, specialty and general medicines. We focus on the science of the immune system and the use of new platform and data technologies, investing in four core therapeutic areas (infectious diseases, HIV, respiratory/ immunology and oncology).
Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves – feeling welcome, valued, and included. Where they can keep growing and look after their wellbeing. So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together.
GSK is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK’s compliance to all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at https://openpaymentsdata.cms.gov/