Senior Security Architect - Homeworking, open to flexible working

Homeworking, UK
18 May 2021
13 Jun 2021
Contract Type

Does involvement and improvement of cyber security for GSK excite you? If so, this opportunity could be the perfect fit for your career.

GSK is looking for a Senior Security Architect specializing in Endpoint Security. This role is an exciting opportunity within GSK Tech Security & Risk (TSR) organisation who provide services and expertise to enable a risk based, compliant, efficient, secure and value driven Technology Delivery. As GSK continues its digital transformation, the security of platforms for infrastructure, data and applications must be elevated to utilize the latest and most effective capabilities available. The successful candidate will have strong technical & consultative skills as well as relevant experience in IT Security Architecture & Engineering. The successful candidate will be required to collaborate with technologists within GSK and other business entities.

This role will report to the Director of App & Infrastructure within the Architecture team of the Security & Risk Organisation. The Senior Security Architect will lead on developing the endpoint security architecture and strategy when related to end user devices. The candidate will support the GSK cyber security program team, as a technical leader in the architecting of modern endpoint security solutions which are essential to manage risk when devices are increasing off-network due to COVID and as we move towards a Zero-Trust/SASE architecture. The candidate will act as an interface with technical experts in the Core Tech, Security Operations and BU aligned Risk teams as they build out internal & external capabilities on behalf of GSK and our customers. The candidate must be capable of understanding the threats to our platforms from internal and external sources, be able to direct and coach team members on mitigation solutions. The candidate will ensure processes and technology align with the Tech Transformation Strategy within GSK and it complement the other functions within Tech Security & Risk function. The candidate must ensure the deployment and operational security requirements are modern and scalable, align with the vision of the GSK Chief Digital Officer and Chief Information Security Officer.

Key Responsibilities:

  • Closely collaborate with the Tech Security & Risk peers and the wider Tech organisation within GSK to identify key business drivers, risks and security capability requirements
  • Develop GSK's endpoint security architecture and strategy, fit for purpose for a large pharmaceutical with a global footprint
  • Present the architecture and strategy to stakeholders across the Tech organisation to get buy-in for the vision and roadmap
  • Provide input and direction for technology decisions and investments related to the strategy
  • Closely collaborate Tech Security & Risk peers and the wider Tech organisation within GSK to incrementally deliver against the strategy
  • Support Tech Security & Risk peers in delivery of their own security strategies
  • Support the wider Tech organisation to enable them to deliver their network related initiatives in a secure manner

Why you?

Basic Qualifications:

We are looking for professionals with these required skills to achieve our goals:

  • Bachelor's Degree
  • 5+ years experience in Information Security
  • 10+ years experience in Information Technology

Preferred Qualifications:

If you have the following characteristics, it would be a plus:

  • Master's in Information Security or related field
  • Experience architecting and deploying endpoint security solutions in large enterprise organisations
  • Experience with the following endpoint capabilities / technologies:
    • Device Asset and configuration management including patching
    • Mobile Device Management and Mobile App Management
    • Device hardening and encryption
    • Software deployment/management technologies
    • DLP and cloud based SWG integration
    • Endpoint threat detection including AV and EDR capabilities
    • Browsers incl. plugins/extensions management
    • Integration with MS technologies such as Intune, Azure AD etc.
    • Configuration of O365 Security controls
    • Experience with Windows, Mac, IOS and Android
    • Understanding of SASE principles and technologies
  • Experience deploying similar capabilities to servers desirable
  • Experience with building solutions on cloud platforms (Azure and GCP)
  • Experience in maintaining and enhancing security standards to align to industry best practice in relation to emerging technologies
  • Familiarity/experience with Architecture frameworks such as SABSA, TOGAF etc.
  • CISSP/ISSAP or other industry network, security and cloud certifications desirable
  • Proven experience working and influencing cross functionally
  • Pragmatic and focused on delivering value to the business
  • Strong and clear communication skills - verbal and written
  • Ability to engage with leadership teams
  • Highly self-motivated, directed, and can work independently without supervision
  • Prepared to work at a low level of detail where necessary

Why GSK?

Our values and expectations are at the heart of everything we do and form an important part of our culture.

These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities:

  • Agile and distributed decision-making - using evidence and applying judgement to balance pace, rigour and risk
  • Managing individual and team performance.
  • Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution.
  • Implementing change initiatives and leading change.
  • Sustaining energy and well-being, building resilience in teams.
  • Continuously looking for opportunities to learn, build skills and share learning both internally and externally.
  • Developing people and building a talent pipeline.
  • Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation.
  • Building strong relationships and collaboration, managing trusted stakeholder relationships internally and externally.
  • Budgeting and forecasting, commercial and financial acumen.

GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.