Cloud Security Specialist
Site Name: GSK House, RTP, USA - Pennsylvania - Upper Providence, USA - Pennsylvania - Philadelphia
Posted Date: Mar 3 2020
This role is an exciting opportunity within GSK Tech Security & Risk (TSR) organisation who provide services and expertise to enable a risk based, compliant, efficient, secure and value driven Technology Delivery.
As GSK continues its digital transformation, the security of platforms for infrastructure, data and applications must be elevated to utilize the latest and most effective capabilities available.
The successful candidate will have strong technical & consultative skills as well as relevant experience in IT Security Architecture & Management. The successful candidate will be required to collaborate with technologists within GSK and other business entities.
This role will report to the Director of Secure Infrastructure and Compute within the Technology, Security & Risk Organisation. The Cloud Security Specialist will lead the evangelize and implementation of security for cloud computing workloads and design within the Compute & Infrastructure Security team. The candidate will support the GSK cyber security program team, as a technical leader in the design of the cloud security program around cloud compute and infrastructure security areas, such as on-prem, public hybrid and multi-cloud, SaaS etc. including cyber security areas such as network security, including OT security, endpoint security, host, mobile, container, ensuring a robust ecosystem that supports visibility and IR used by the internal GSK SOC organisation and more. The candidate will act as an interface with technical experts in the Platforms, Consumer, Pharma, Vaccines Technology teams as they build out internal & external capabilities on behalf of GSK and our customers.
The candidate must be capable of understanding the threats to our platforms from internal and external sources, be able to direct and coach team members on mitigation solutions. The candidate will ensure processes and technology aligns with the Tech Transformation Strategy within GSK and it compliments the other functions within TSR. The candidate must ensure the deployment and operational security requirements are modern and scalable, align with the vision of the GSK Chief Digital Officer and Chief Information Security Officer.
This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following:
- Assist in the definition of the strategy for overall GSK cloud security functions, architect for failure, a friction less engagement & user experience for our internal & external consumers.
- Support the Tech organisation within GSK in identifying key security capabilities to handle the scale of GSK's technology deployment.
- Operate in support of the GSK Agile Frameworks, VFQ and DevOps execution.
- Assist the TSR organisation in an overall analysis and base lining of the GSK cloud security tool suite to ensure we are utilizing the best of breed technologies in the most effective and efficient manner.
- Ensure that GSK is bringing on board the best cloud cyber security talent available and mentor the current team members.
- Provide input into strategic direction and technology decision activities within TSR for cloud investments.
- Understanding of Threat Landscape and ability to apply them in client context.
- Knowledge of security patterns (along with their integration approach) and apply them in the context of the GSK environment, patterns can be Technical Pattern or Process Patterns.
We are looking for professionals with these required skills to achieve our goals:
- Proven capability in Risk Management and Internal Controls
- Background in High Tech, especially in the area of Cloud Computing
- Proven experience working and influencing cross functionally
- Strong analytical skills, attention to detail
- Ability to engage with leadership teams
If you have the following characteristics, it would be a plus:
- 7-10 years experience in Information Security
- 10+ years experience in Information Technology
- CISSP/CCSK or other industry certifications desirable
- Familiarity/experience with Architecture frameworks such as SABSA, TOGAF etc.
- Experience in Engineering, IT/Comp Sci/ Information Assurance/ Cybersecurity/ Management
- Cloud experience/exposure -- particularly with regard to Microsoft, AWS and Google cloud service offerings
- Prepared to work at a low level of detail where necessary
- Strong and clear communication skills - verbal and written
- Support the development of security technology standard proposals
- Sense of Urgency
Our values and expectations are at the heart of everything we do and form an important part of our culture.
These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:
- Operating at pace and agile decision-making - using evidence and applying judgement to balance pace, rigour and risk.
- Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
- Continuously looking for opportunities to learn, build skills and share learning.
- Sustaining energy and well-being
- Building strong relationships and collaboration, honest and open conversations.
- Budgeting and cost-consciousness
If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at 1-877-694-7547 (US Toll Free) or +1 801 567 5155 (outside US).
GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit GSK's Transparency Reporting For the Record site.
Back to top