Senior Manager Supplier Cyber Security Risk and Assurance

Poznan Business Garden, Poland

GSK

At GSK, we unite science, technology and talent to get ahead of disease together

GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to impact the health of 2.5 billion people around the world in the next 10 years.

Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves – feeling welcome, valued, and included. Where they can keep growing and look after their wellbeing. So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together.


Key Responsibilities:

  • Maintain and mature the third-party risk management process framework for security risk, including necessary standards, procedures, and technologies
  • Evangelize third-party risk management processes across business lines to help influence a strong culture of proactive awareness for third-party risks
  • Provide any necessary training and awareness related to the third-party security risk assessment process
  • Contribute to the gathering and distribution of periodic program metrics and/or dashboards
  • Provide insights on other security risk management matters, as necessary, in collaboration with the broader GRC/Cyber Risk team
  • Provide clarifying support, where necessary, to internal third-party relationship owners or third-party representatives in their efforts to provide responses to the security risk assessment questionnaire
  • Coordinate with Legal and Procurement representatives to ensure proper security and privacy clauses are included in third-party contracts
  • Execute and support the full lifecycle of information security and third-party risk assessments as needed, either individually or through available resources
  • Effectively translate third-party responses to the assessment questionnaire, using sound judgement, into concise risk exposure reporting for delivery to internal stakeholders
  • Provide consultancy SME support in conducting security posture assessments as part of continuous monitoring or post-breach scenarios to ensure that suppliers have adequate security controls
  • Collaborate with internal third-party relationship owners and third-party representatives to recommend necessary security controls to effectively mitigate risks to GSK
  • Ensure robust tracking and remediation of third-party security and privacy risk exposures identified through assessment processes
     

Why you?

Basic Qualifications:

We are looking for candidates with these required skills to achieve our goal

  • 8+ years of proven experience in cyber security and/or third-party security risk management
  • Experience and knowledge across different frameworks and standards such as ISO 27001, NIST, CIS etc.
  • Demonstrated experience and understanding of cyber security principles, IT security controls, and related technologies and products
  • Prior experience in conducting cyber security risk assessments and third-party security and data privacy assessments
  • Stakeholder/internal business management experience
  • Ability to prioritize, delegate, and foster the development of high-performance teams to lead/support an environment driven by customer service and teamwork
  • Exposure to any GRC technologies to conduct cyber risk management

     

Benefits:

  • Career at one of the leading global healthcare companies
  • Company Car or Car Allowance
  • Long-term incentives
  • Contract of employment
  • Attractive reward package (annual bonus & awards for outstanding performance, recognition awards for additional achievements and engagement, holiday benefits)
  • Life insurance and pension plan
  • Private medical package with additional preventive healthcare services for employees and their eligible
  • Sports cards (Multisport)
  • Possibilities of development within the role and company’s structure
  • Personalized learning approach
  • Extensive support of work-life balance (flexible working solutions, short Fridays option, health & well-being activities)
  • Supportive community and integration events
  • Modern office with creative rooms, fresh fruit every day
  • Free car and bike parking, locker rooms and showers

G6

Why GSK?

Uniting science, technology and talent to get ahead of disease together.

GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. We prevent and treat disease with vaccines, specialty and general medicines. We focus on the science of the immune system and the use of new platform and data technologies, investing in four core therapeutic areas (infectious diseases, HIV, respiratory/immunology and oncology).

GSK is an Equal Opportunity Employer. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, religion, sex (including pregnancy, gender identity, and sexual orientation), parental status, national origin, age, disability, genetic information (including family medical history), military service or any basis prohibited under federal, state or local law.

Important notice to employment businesses/agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/agency and GSK. In the absence of such written authorization being obtained, any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK’s compliance with all federal and state US Transparency requirements. For more information, please visit the Centers for Medicare and Medicaid Services (CMS) website at https://openpaymentsdata.cms.gov/

Tags: Compliance ISO 27001 Monitoring NIST Privacy Risk assessment Risk management

Perks/benefits: Career development Flex hours Health care Insurance Salary bonus Team events Transparency

Region: Europe
Country: Poland
