Director of Access Management (Open to flexible working)
What is the purpose of this role?
Frontline Operations (FLO) is a function within the GSK Tech Ops group that globally looks after end user technology, local technology infrastructure, printing, digital signatures, end user access, service desk provision and several other distinct service areas.
In this role your primary purpose will be to ensure that GSK effectively and securely manages the provisioning and control of access to systems and applications across the corporation. This includes all standard user access, privileged access and the underlying infrastructure supporting both. Related to these activities you will also be the principle on engaging with internal & external access reviews and audits.
You will also be responsible for ensuring that GSK continually evolves and improves the underlying processes related to provisioning, developing and adopting new technologies where beneficial (automation, AI, analytics etc.)
What are the key role responsibilities?
Credential Provisioning: Lead the function and manage the underlying infrastructure responsible for provisioning of accounts across GSK. This covers the management of over 200,000 accounts that have access rights to GSK infrastructure and systems.
Identity Assurance: Utilise the authoritative sources for establishing the identity of an individual prior to granting access to GSK's network, systems, applications and data.
Audit Management: ensure that all activities and tools utilised are operated against defined standard procedures that support the necessary compliance position. This includes regulations related to GDPR, PII, Sarbanes Oxley, GxP, etc. Act as the principle lead on all audits and assessments (both internally and externally led) that assess compliance in this area.
Continuous Improvement: manages an ongoing agenda to continually improve the performance and security related to Access Management. Driving the development and adoption of new processes and technologies where beneficial. This includes deployment of new control tools, self-service applications, AI, access monitoring and investigative analytics
Strategic Agenda: Work collaboratively with both the Infoprotect (CISO) and Platforms function to ensure alignment on strategic direction for access provisioning and the underlying security agenda. This includes providing support to core programmes of work that will deliver solutions that will be managed within operations (including Sailpoint and CyberArk)
How do I apply?
Closing date for applications (midnight): 27th April 2018.
Ensure you provide a strong cover letter demonstrating how you meet the criteria for this role, we will use the information that you have provided in your cover letter and CV to assess your application.
If requiring an adjustment for a disability, once selected for interview you may contact firstname.lastname@example.org
Thank you for your interest in this opportunity.
What Qualifications do I need to apply?
- You will hold a degree in IT or equivalent.
What skills & experience do I need?
- You will have proven experience in a global operational service focused on Identify/Access Management
- A strong awareness of technology and strategy/direction in relation Access Management
- Experience with CyberArk and Sailpoint solutions extremely beneficial
- A strong understanding of compliance landscape and associated policies, regulations and assurance models
- Proven experience in dealing with external auditors and leading audit support and response work
- Proven experience in driving service improvements including adoption of automation and self-service models
- Am awareness of wider external strategy & direction being pursued by industry in relation to identity management and access control
- A well-defined communication skills that have utilized multiple engagement formats & technologies on a global stage
- Experience managing 3rd vendors suppling IT security services
- The ability to influence/manage stakeholders at a SVP level
- You will be able to demonstrate abilities to effectively exploit complex data, present it effectively and extract actionable insights.
You will have excellent stakeholder, engagement and communication skills and be recognised as a lead by peers in the core areas of this role (Security, Identity and Access Management).
You should be able to be able demonstrate a strong external network to other companies in multiple sectors and have the ability to balance a strategic agenda with day-day operational excellence.
Perform a broad range of work and complex activities in a wide variety of non-routine context with substantial personal autonomy, be able to work effectively and influence peers to drive improvements in their services and well as being able to define improvements that benefit service provision or realise costs savings to GSK.
GSK are a science-led global healthcare company - with three world-leading businesses - that research, develop and manufacture innovative pharmaceutical medicines, vaccines and consumer healthcare products.
You may apply for this position online by selecting the Apply now button.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.