Sr Security Engineer, Vulnerability Management

3+ months agoBangalore, India

Site Name: India - Karnataka - Bengaluru
Posted Date: May 17 2021

GSK is one of the world's foremost pharmaceutical and healthcare companies, and we are proud to be part of an industry that improves the lives of others. We are embarking on a significant transformation journey that will support GSK in becoming a top-quartile data-enabled organisation.

This is an exciting time to join GSK. The world of master data management is changing, and it is no longer just about managing data. You will be part of a team that is building a robust master data management framework and service, that will allow GSK to drive higher value by placing data at the core of their strategic and operational decisions. We will be embracing new data technology that will improve the development, manufacture, and distribution of GSK's vital products to patients and consumers around the world.

This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following.


The Sr Security Engineer, Vulnerability Management works within GSK's Vulnerability Management team, providing senior level engineering support to staff/systems utilizing infrastructure tools, active directory, Azure, patch management, and vulnerability management services. This includes configuring scanner appliances and scanning profiles, ensuring scan coverage and frequency is maintained and monitored effectively.

  • Identify gaps or vulnerabilities in systems across the company, which includes managing and modifying security scan profiles as per the baseline standards.
  • Perform security analysis of the different layers of the systems by performing automated system vulnerability assessment scans using various vulnerability scanners.
  • Review the systems security architecture and create security test plans based on existing and planned controls and recommendations.
  • Review scanner reports and work with the systems owners to remediate issues following a risk-based approach.
  • Continuously monitor the published vulnerabilities for various applications, operating systems, and database layer.
  • Work with system owners on ensuring validation scans are performed within the vulnerability's agreed remediation SLAs.
  • Maintenance of documents, procedures, reporting, and stakeholder communications
  • Participate in Proof of Concept activities of various vulnerability scanning/remediation tools
  • Adhere to industry specific local, state, and federal regulations, as applicable
We are looking for a Senior Security Engineer and if you have these skills, we would like to speak to you.
  • BS in Computer Science, Information Technology, or related field and 8 years of experience in Information Technology, particularly in Cybersecurity (Vulnerability Management) or MS in Computer Science or related field and 5 years of experience in Information Technology.
  • Demonstrate vulnerability management subject matter expertise
  • Experience with vulnerability management tools, especially scanning tools
  • Excellent organizational and planning skills
  • Expertise with common security vulnerabilities and the ability to judge their severity and impact to the business
Why GSK?

Our values and expectations are at the heart of everything we do and form an important part of our culture. These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance and trust, the successful candidate will demonstrate the following capabilities.



Our goal is to be one of the world's most innovative, best performing and trusted healthcare companies. We believe that we all bring something unique to GSK and when we combine our knowledge, experiences and styles together, the impact is incredible. Come join our adventure at GSK where you will be inspired to do your best work for our patients and consumers. A place where you can be you, feel good and keep growing.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.

GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKilne (or GSK) group company at any worldwide location. Even if they claim that the money is refundable.

If you come across unsolicited email from email addresses not ending in or job advertisements which state that you should contact an email address that does not end in "", you should disregard the same and inform us by emailing, so that we can confirm to you if the job is genuine.

Job ID: glaxo-277792-en-us