OT Risk Senior Service Manager, Open to flexible working
The GSK Tech Security and Risk function is accountable for driving security requirements for Global operations to reduce our exposure to cyber threat.
The primary purpose of the role is to develop and maintain a service for the delivery of quantitative risk analysis and reporting of Cyber Security risks before and after treatments are applied, and delivery of materials and reports to enable data driven business decisions for funding and implementing of cyber security treatments.
The successful candidate will have strong communication skills, excellent attention to detail and a technical ability to leverage technology in support of risk analysis and reporting. The candidate will be a technical authority with accountability to interface, partner and collaborate with Technical and Business Experts, Third Party Service Providers who directly and indirectly support the Operational Technology environment.
This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following...
- Management of End to End OT Risk Management service solutions and service levels.
- Responsibility for managing offshore global teams.
- Maintain design authority for all new and existing OT risk management frameworks and supporting tools Maintain design authority (in association with architects) for all new and existing applications in the domain.
- Provides leadership, technical direction and GSK expertise to project and support teams composed of GSK FTEs, outsourced resources from strategic partners and software vendors.
- Ensure OT Risk Management services are maintained and focused on customer value and compliance to relevant policies and procedures.
- Maintains deep understanding of key technologies and their strategic directions to enable effective impact assessments of any proposed strategic changes or design choices.
- Drives continuous improvement through vendor partnerships.
- Proactively supports Service Director to develop and deliver continuous improvement of application/infrastructure portfolio to enhance user productivity, increase system reliability and reduce the total cost of ownership.
- Take ownership of OT risks and engage with the OT program teams and BUs to ensure the right controls are prioritized as to mitigate the highest risks .
- Provide training on key products and ensure customer satisfaction
We are looking for professionals with these required skills to achieve our goals:
- Bachelor's degree in Computer Science, InfoSec, Risk Management, Finance, Economics, Mathematics, Actuarial Science or related field 3 years experience in Cyber Security role
- Experience managing risk and risk registers
- Experience in risk management solutions and business requirements gathering (e.g. RSA Archer, FAIR etc)
- Experience in the delivery and deployment of risk management solutions (e.g. RSA Archer, FAIR etc)
If you have the following characteristics, it would be a plus:
- Open certification for Factor Analysis of Information Risk (FAIR)
- Awareness of Cyber Security within an Operational Technology environment including knowledge of industry best practice frameworks (i.e. NIST, IEC 62443 and the NIS Directive)
- Knowledge of software and mathematical techniques for quantifying risk
- Excellent written and verbal communication skills with an ability to explain technical issues to both technical and non-technical audiences from the automation/plant floor up to the boardroom
- Significant knowledge of cyber security concepts and terminology
- Experience in quantifying information and operational risks
- Proven experience delivering services
- Managing relationships to facilitate and deliver business outcomes
Our values and expectations are at the heart of everything we do and form an important part of our culture.
These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:
- Agile and distributed decision-making - using evidence and applying judgement to balance pace, rigour and risk.
- Managing individual and team performance.
- Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
- Implementing change initiatives and leading change.
- Sustaining energy and well-being, building resilience in teams.
- Continuously looking for opportunities to learn, build skills and share learning both internally and externally.
- Developing people and building a talent pipeline.
- Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation.
- Building strong relationships and collaboration, managing trusted stakeholder relationships internally and externally.
- Budgeting and forecasting, commercial and financial acumen.
GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, colour, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.