Incident Response Strategy Manager

    • Rogers, AR

Site Name: USA - Arkansas - Bentonville
Posted Date: Mar 2 2020
This role will be a critical function responsible for helping manage, mature and execute on the company's incident response (IR) playbook. This role will be part of a fast-paced operational area within the Cyber Security department. The leader in this role will work to handle the ever-changing threat landscape while also using current resources, ongoing development of their workforce and input in strategic planning to ensure the company has the appropriate tools to deal with cyber incidents across the corporate portfolio. This role will build programs to assist in the management of traditional IR capabilities This role will support teams who are responsible for application of threat intelligence and information as well as hunt team abilities related to machine learning, artificial intelligence and related analytical capabilities. The role will execute on incident management plans while offering recommendations for process refinement across the technology footprint of GSK. This role must also help ensure the confidentiality and data integrity within the GSK network and extended boundaries.

  • Coordinate SIRT team's incident response and forensics tasks in order to make sure an incident is correctly prioritized and the incident response subtasks execute appropriate playbooks and meet agreed SLA
  • Candidate should be familiar with security incident response processes, network investigative techniques, cyber security trends and issues, and strategic program initiatives
  • Candidate will be responsible for continuous improvement and overall program management for SIRT initiatives; including training, communication, and relationship management with other business areas and vendor partners.
  • The manager will serve as an escalation point for high/critical network security incidents and have the ability to draw together data from disparate sources, and have broad experience coordinating large scale incident response that would include tech and non tech related business stakeholders
  • Work with internal and trusted external intelligence related to indicators of compromise (IOC's) to be converted to actionable information which can be used to strengthen the corporate security posture
  • Lead across functional areas of technology to ensure access and visibility to data sources and other action items which can be used to strengthen defense and detection capabilities within GSK networks
  • Oversee day to day operations and personnel management which my also include third party incident response and/or threat hunting resources
  • Provide appropriate escalation of information which enables visibility and decision-making process to various Tech departments along with Information Security and Risk leadership team
  • Develop, improve, and execute on business plans which improve security posture and align to help meet the needs of business partners

Why you?
Basic Qualifications:
We are looking for professionals with these required skills to achieve our goals:
  • Bachelor Degree or equivalent work experience
  • 5 years' experience in physical and/or digital information and/or incident handling
  • 3 years' experience creating and presenting technical strategies and technical solution recommendations.
  • 3 years' experience leading cross-functional teams.

Preferred Qualifications:
If you have the following characteristics, it would be a plus:
  • Masters degree or further advanced qualification from professional IT security body (i.e. ISACA CISM or CISSP) in Information Technology, Information Security, Information Assurance, Information Management
  • Deep understanding of organizational and architectural challenges in Public Cyber company including board and senior management briefings, used to form strategy and process
  • Vendor relationships and experience working in NDA and future tech solutions to allow for strategy development of deployable infrastructure from TechOPs and Cloud perspectives
  • Solid background and experience around network engineering, systems administration, scripting, correlation, analytics, multiple operating systems exposure to at least the administrator level (Windows, Linux, UNIX)


Why GSK?
Our values and expectationsare at the heart of everything we do and form an important part of our culture.
These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:

  • Agile and distributed decision-making - using evidence and applying judgement to balance pace, rigour and risk.
  • Managing individual and team performance.
  • Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
  • Implementing change initiatives and leading change.
  • Sustaining energy and well-being, building resilience in teams.
  • Continuously looking for opportunities to learn, build skills and share learning both internally and externally.
  • Developing people and building a talent pipeline.
  • Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation.
  • Building strong relationships and collaboration, managing trusted stakeholder relationships internally and externally.
  • Budgeting and forecasting, commercial and financial acumen.


If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at 1-877-694-7547 (US Toll Free) or +1 801 567 5155 (outside US).

GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit GSK's Transparency Reporting For the Record site.

GSK is a uniquely science-led global healthcare organization on a mission to help people do more, feel better, and ultimately live longer.

GSK Company Image


Back to top