Senior Lead Cyber Security Risk Analyst

Our Cyber Security organisation enables GSK to take on some of the biggest healthcare challenges in the world by protecting our business, customers, and patients from cyber risks. We are investing in growing our Cyber Security teams because they play a pivotal role as the nature and types of threats get more sophisticated.

In this ever-evolving digital and technology landscape, it is critical to stay on top of issues that could cause us harm. This requires a deep understanding of cybersecurity concepts, techniques, and trends along with critical thinking. Our Cyber Security teams are continuously learning and developing their skills to protect against bad actors, allowing GSK to stay focused on what matters most – getting ahead of disease together.

Key Responsibilities

• Identifying risk and mitigation, process improvements, pulling together information that team reports out to larger audience.
• Conduct regular security audits and assessments to identify potential weaknesses in existing security measures and make recommendations for improvements.
• Conduct network risk assessments to identify potential security risks and vulnerabilities.
• Evaluate the effectiveness of existing security controls and suggest improvements.
• Collaborate with cross-functional teams to gather necessary information for risk assessments.
• Analyze and interpret network security logs, incident reports, and other relevant data to identify potential breach areas or patterns.
• Develop risk assessment reports, presenting findings and recommendations to management and other stakeholders.
• Stay up to date with emerging security threats and trends and make recommendations for proactive measures to prevent potential risks.
• Ensure compliance with all relevant legal and regulatory requirements related to security and risk management.
• Monitor risk landscape and identify emerging and future risks.
• Proficient with multiple domain-specific cyber security technology solutions and can effectively integrate them to meet and exceed GSK’s requirements.
• Test the effectiveness of GSK’s cyber security technologies to identify and articulate opportunities for improvement across the digital, physical, and social elements of GSK.
• Understand the interaction of business and technology processes / risks and can explain it in business terms to both technical and non-technical audiences.
• Provide advice on security best practices, and guide GSK in developing and implementing security policies aligned to network/infrastructure.
• Evaluate and recommend emerging security products that enable and optimize network/infrastructure.
• Prepare monthly dashboards, statistics, and executive reports for the management.

Minimum Level of Job-Related Experience Required

• 6 - 10 years of experience in IT risk and technology in a large organization of which 5 years in information security experience in cyber risk and relevant experience with Infrastructure/Network 

Additional Responsibilities

• Experience integrating and supporting various enterprise security tools, Risk assessment tools.
• CISSP, CISM Preferred 
• Subject matter expertise in conducting security risk assessments for technology infrastructure and network.
• Proficient in network security tools and technologies such as firewalls, intrusion detection/prevention systems, and vulnerability scanners
• Understanding of control and risk management concepts and knowledge of the operational aspects of the information risk business
• Strong knowledge of network infrastructure, protocols, and security technologies
• Knowledge of risk management policies, methods, standards, processes, governance models, and industry-standard risk analysis approaches
• Knowledge of LAN, WAN and Data Centre network & Security industry standards relevant to data communications / networking and computing.
• Knowledge on Security best practices and experience in Network solutioning, Operations and Project Management.
• The ideal candidate possesses excellent communication skills and the ability to communicate inherently complicated technical concepts to non-technical stakeholders of all levels. 

Inclusion at GSK:

As an employer committed to Inclusion, we encourage you to reach out if you need any adjustments during the recruitment process.

Please contact our Recruitment Team at IN.recruitment-adjustments@gsk.com to discuss your needs.

Why GSK?

Uniting science, technology and talent to get ahead of disease together.

GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. We prevent and treat disease with vaccines, specialty and general medicines. We focus on the science of the immune system and the use of new platform and data technologies, investing in four core therapeutic areas (infectious diseases, HIV, respiratory/ immunology and oncology).

Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves – feeling welcome, valued, and included. Where they can keep growing and look after their wellbeing. So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.

GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKline (or GSK) group company at any worldwide location. Even if they claim that the money is refundable.

If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in “gsk.com”, you should disregard the same and inform us by emailing askus@gsk.com, so that we can confirm to you if the job is genuine.