Application Security Director, Open to flexible working

1 day left

Location
Brentford (City/Town), London (Greater)
Salary
£Competitive
Posted
25 Mar 2021
Closes
18 Apr 2021
Ref
284562
Role
IT
Contract Type
Permanent

This role is an exciting opportunity within GSK Tech Security & Risk (TSR) organization who provide services and expertise to enable a risk based, compliant, efficient, secure and value driven Technology Delivery.
As GSK continues its digital transformation, the security of platforms for infrastructure, data and applications must be elevated to utilize the latest and most effective capabilities available.
The successful candidate will have strong technical & consultative skills, as well as, relevant experience in IT Security Architecture & Management. The successful candidate will be required to collaborate with technologists within GSK and other business entities.

This role will report to the Vice President of Security Architecture and Engineering within the Technology, Security & Risk Organization.

In this role you will lead the Vulnerability Management and Code Analysis team within the Security Architecture and Engineering team. The Director will support the GSK cybersecurity program team, as a technical leader in the design of the security programs around security areas such as Code Analysis (SAST, WAST,DAST, MAST), Vulnerability Management, Data Security and Emerging Tech in on-prem, public hybrid, multi-cloud and multi-tenanted environments. The candidate will act as an interface with technical experts in the Platforms, Consumer, Pharma, Vaccines Technology teams as they build out internal & external capabilities on behalf of GSK and our customers.

The candidate must be capable of understanding the threats to our platforms from internal and external sources and be able to direct and coach team members on mitigation solutions. The director will ensure processes and technology aligns with the Tech Transformation Strategy within GSK and it complements the other functions within TSR. The director must ensure the deployment and operational security requirements are modern and scalable, align with the vision of the GSK Chief Digital Officer and Chief Information Security Officer.

This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following:

  • Assist in the definition of the strategy for overall GSK security functions, focusing Vulnerability Management, Secure Code and Data Security
  • Support the Tech organization within GSK in identifying key security capabilities to handle the scale of GSK's technology deployment.
  • Operate in support of the GSK Agile Frameworks, VFQ and DevOps execution.
  • Assist the TSR organization in an overall analysis and baselining of the GSK security tool suite to ensure we are utilizing the best of breed technologies in the most effective and efficient manner.
  • Ensure that GSK is bringing onboard the best cyber security talent available and mentor the current team members.
  • Provide input into strategic direction and technology decision activities within TSR.
  • Understanding of Threat Landscape and ability to apply them in client context.
  • Knowledge of security patterns (along with their integration approach) and apply them in the context of the GSK environment, patterns can be Technical Pattern or Process Patterns.

Why you?

Basic Qualifications:

We are looking for professionals with these required skills to achieve our goals:

  • 7-10 years experience in Information Security
  • 10+ years experience in Information Technology

Preferred Qualifications:

If you have the following characteristics, it would be a plus:

  • Proven capability in Risk Management and Internal Controls
  • Background in High Tech
  • Proven experience working and influencing cross functionally
  • Strong analytical skills, attention to detail
  • Prepared to work at a low level of detail where necessary
  • Strong and clear communication skills - verbal and written
  • Support the development of security technology standard proposals
  • Ability to engage with leadership teams
  • Sense of urgency
  • Familiarity with vulnerability scanning tools
  • Good working knowledge of code analysis tools and methodology
  • Development background is a plus

Why GSK?

Our values and expectations are at the heart of everything we do and form an important part of our culture.

These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:

  • Agile and distributed decision-making - using evidence and applying judgement to balance pace, rigour and risk
  • Managing individual and team performance.
  • Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
  • Implementing change initiatives and leading change.
  • Sustaining energy and well-being, building resilience in teams.
  • Continuously looking for opportunities to learn, build skills and share learning both internally and externally.
  • Developing people and building a talent pipeline.
  • Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation.
  • Building strong relationships and collaboration, managing trusted stakeholder relationships internally and externally.
  • Budgeting and forecasting, commercial and financial acumen.

GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, colour, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

Similar jobs

Similar jobs