As a Senior Security Solutions Engineer, Tech Security & Risk you will be joining a team of information security experts aligned to both the central information security function (Tech Security & Risk) and the Consumer Tech and Consumer Business functions.
In this role you will be responsible for:
• To be an information security expert supporting both the Consumer Healthcare (CH) Business and Tech groups
• To embed security requirements and controls (commensurate with risk level) at the start of projects/new initiatives
• To carry out expert security assessments for the CH tech and CH business utilizing a thorough understanding of the Consumer business strategy and operations
• As the Consumer organization is at the forefront of digital transformation, to partner early to understand security implications and to recommend relevant mitigations/controls
• To partner effectively with the GRC team within the wider team to provide our customer with a holistic security and risk/compliance assessments
• To build a dashboard view of security and risk for the business that drives clear action to ensure that Information Security is part of the business strategy.
• Be the owner (end to end) for security incidents within Consumer Healthcare, partnering with the central cybersecurity operations team.
• Positively influence the security posture for Consumer Healthcare – driven by business and changing security threat landscape
• Manage new threats on behalf of the CH business – recommend and embed appropriate mitigation activities
• Partner with the central information security and GRC teams to provide CH input for all new central strategies, architectures and processes (to ensure they will be effective and not disrupt CH). Embed those central initiatives into the business and tech teams where relevant
• To be the go-to person for Consumer Healthcare Tech and the Business for information security
• To create balanced and actionable expert information security assessments based on a thorough and up to date understanding of:
The CH Business/Tech strategies, drivers and priorities
The CH security posture and risk appetite
The latest security threats and risks specific to CH
• To own and be expert in one or more of the following information security disciplines:
Identity and Access
Data Governance and Data Protection
Network and Systems Security
Mergers, Acquisitions and Divestitures
• To positively influence, drive and improve the security posture of CH business and tech by partnering with both the central information security teams and tech/the business (close security gaps)
• To create and maintain a compelling, actionable security dashboard (KPIs) for Consumer Healthcare. Use this dashboard to drive visibility and positive action
• To serve as a coach and mentor to peers and engage in upskilling activities for the overall team
• To communicate the “voice of Consumer Healthcare” back into the central information security team influencing both current and future initiatives
• Ability to operate well across geographies, cultural boundaries and seniority levels where clear and concise communication is key
Why You?Basic qualifications:
We are looking for professionals with these required skills to achieve our goals:
• 5+ years’ experience as a system security engineer, network engineer or information security engineer
• Hands on experience of security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
If you have the following characteristics, it would be a plus:
• Bachelor's Degree
• Experience with network security and networking technologies and with system, security, and network monitoring tools
• Thorough understanding of the latest security principles, techniques, and protocols
• Problem solving skills and ability to work under pressure
• Ability to present technical topics to audiences of varying technical abilities, from senior leadership to technical experts.
• Ability to work with multiple stakeholders to promote thoughtful, practical solutions to tough security problems.
• Experience designing secure networks, systems and application architectures
Our values and expectations are at the heart of everything we do and form an important part of our culture.
These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:
• Agile and distributed decision-making – using evidence and applying judgement to balance pace, rigour and risk.
• Managing individual and team performance.
• Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
• Implementing change initiatives and leading change.
• Sustaining energy and well-being, building resilience in teams.
• Continuously looking for opportunities to learn, build skills and share learning both internally and externally.
• Developing people and building a talent pipeline.
• Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation.
• Flexible working hours
• Competitive salary, annual bonus plan
• Extended private medical care
• Life insurance and pension plan
• Free car and bike parking [only in Poznan]
You may apply for this position online by selecting the Apply now button.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.