Cyber Security Infrastructure Engineer

Site Name: UK - Hertfordshire - Stevenage, UK - London - Brentford
Posted Date: Feb 14 2020
GSK is seeking a Senior Security Infrastructure Engineer for OT who possess deep technical cyber security expertise combined with process control expertise. This role will help identify and evaluate security gaps, subsequently driving the implementation of solutions to mitigate security exposure. They will possess relevant cyber security technical skills through continuous research of the latest security vulnerabilities, threats, capabilities, and mitigation techniques. They are expected to anticipate security requirements, analyse and understand the business security posture and formulate right-sized solutions based on industry leading practices.

This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following:

  • OT Security Program assistance with project deliverables that include network architecture diagrams, engineering reports, compliance reviews, validation/qualification requirements and standards, policies, procedures.
  • Developing in depth knowledge of the GSK technology, systems and processes deployed to protect our manufacturing automation systems from cyber security threats
  • Analyse, design and document reference architectures for manufacturing automation system deployed across GSK aligned to industry standards and best practices to reduce the risk and impact of cyber security incidents
  • Work with key vendors to ensure vulnerabilities & threats are risk assessed and develop appropriate mitigation activities where required
  • Educating GSK site automation engineers, technicians and any related technical resources on OT cyber security best practices and standards
  • Work with the sites to capture & maintain a comprehensive OT asset inventory of all automation manufacturing systems and devices
  • Act as Technical authority or SME on GSK OT architecture and infrastructure with broad general knowledge on IT applications and infrastructure, as well as SME on manufacturing automation systems, device and applications
  • Performing requirements analysis and developing strategies and solutions for cyber security, risk, and information governance
  • Performing risk remediation cost-benefit-analysis for a variety of solutions
  • Translating technical requirements into business terms for executive stakeholders

Why you?

Basic Qualifications:
We are looking for professionals with these required skills to achieve our goals:
  • BS or equivalent level of experience
  • Proven direct experience in OT environments with implementation and support responsibility of cyber security functions such as but not limited to; security monitoring, network security, incident response, vulnerability management, as well develop plans for M&A/divestiture models as they relate to accompanying OT environments.

You will be able to demonstrate:
  • Deep understanding of pharmaceutical manufacturing and automation with regards to networks, reference architecture, and the threat landscape around OT. The ability to identify and evaluate security gaps, make recommendations, and provide implementation guidelines to mitigate security exposure. Possess relevant cyber security technical skills through continuous research of the latest security vulnerabilities, threats, capabilities, and mitigation techniques.
  • Analyze the design and reference architecture for manufacturing and automation systems across GSK for vulnerabilities and threats and provide a clear path of visibility and mitigation of threats that include the steps needed to identify, detect, protect, respond, and recover when necessary. Demonstrate a clear understanding of indicators of compromise (IOCs) and how to develop the necessary changes needed to resolve the threat with the environment. Gain an in-depth knowledge of GSK OT environment(s), systems, and processes deployed across the Enterprise and make recommendations in real-time to the security stack that protects the manufacturing and automation systems from a cyber security threat.
  • Provide communication and education to automation engineers, technicians, vendors, and any related technical resource on OT cyber security best practices and standards all while taking a lead role as the subject matter expert (SME) on GSK OT architecture, infrastructure, and manufacturing systems, devices, and applications. Must be able to influence and lead change across the organization without authority to hold individuals accountable.
  • Role requires global context and interaction based on in-country cyber rules and laws in collaboration between Cyber and Operational Technology Teams. Multi-Cultural sensitivity and learning is important in the role and in building a team.
  • High impact on global GSK Cyber Security Posture with an impact toward architecture and process changes. Sphere of influence within the operational technology (OT) and cyber organizations.

Why GSK?

Our values and expectationsare at the heart of everything we do and form an important part of our culture.
These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:
  • Agile and distributed decision-making - using evidence and applying judgement to balance pace, rigour and risk
  • Managing individual and team performance.
  • Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
  • Implementing change initiatives and leading change.
  • Sustaining energy and well-being, building resilience in teams.
  • Continuously looking for opportunities to learn, build skills and share learning both internally and externally.
  • Developing people and building a talent pipeline.
  • Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation.
  • Building strong relationships and collaboration, managing trusted stakeholder relationships internally and externally.
  • Budgeting and forecasting, commercial and financial acumen


As a company driven by our values of Patient focus, Transparency, Respect and Integrity, we know inclusion and diversity are essential for us to be able to succeed. We want all our colleagues to thrive at GSK bringing their unique experiences, ensuring they feel good and to keep growing their careers. As a candidate for a role, we want you to feel the same way.

We're open to all talent - whatever your gender, disability, marital status, religion or belief, age, race, sexual orientation, ethnic or national origin.

We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.

Please don't hesitate to contact us if you'd like to discuss any adjustments to our process which might help you demonstrate your strengths and capabilities. You can either call us on 0808 234 4391, or send an email ukdiversity.recruitment@gsk.com

As you apply, we will ask you to share some personal information which is entirely voluntary. We want to have an opportunity to consider a diverse pool of qualified candidates and this information will assist us in meeting that objective and in understanding how well we are doing against our inclusion and diversity ambitions. We would really appreciate it if you could take a few moments to complete it. Rest assured, Hiring Managers do not have access to this information and we will treat your information confidentially.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit GSK's Transparency Reporting For the Record site.


Back to top