Senior Security Engineer - Ot

The Senior Security Engineer forms part of a local team of Security Engineers as part of the CSO (Cyber Security Office) Security Architecture, Consulting & Engineering team. The Senior Security Engineer will support the GSK platform cybersecurity program team, as a technical resource in the design of the Security Engineering function around infrastructure, application and data security areas such as secure application development, securing infrastructure as code, and partnering with the numerous teams throughout GSK who are developing applications. The candidate will act as an interface with technical experts in CSO, Platforms, Consumer, Pharma, Vaccines Technology teams as they build out internal & external capabilities.
The candidate must be capable of understanding the threats to our applications and data from internal and external sources, direct and coach team members on mitigation solutions. The resource will ensure processes and technology aligns with the Tech Transformation Strategy within GSK and it compliments with the other functions within CSO.
The Senior Security Engineer is responsible for providing support for CSO, GP&T (Global Products and Technologies), and business unit tech activities, ensuring that risks & controls are identified, prioritized, effectively managed, and monitored.
This role will not have direct reports, and it may include multiple matrix relationships within CSO, other business and support functions, and external suppliers.
This role will provide YOU the opportunity to lead key activities to progress YOUR career, these responsibilities include some of the following:

• Assist in the execution of the strategy for overall GSK security functions
• Support the creation and design of a scalable engineering function to support the Security Architect function
• Support the various Tech organizations within GSK in identifying key security capabilities to handle the scale of GSK's technology deployment.
• Operate in support of the GSK Agile Frameworks, VFQ (Value, Flow, Quality) and DevOps execution.
• Define/Review Conceptual/Logical or Technical Security Architecture to secure the GSK environment
• Mentor junior Security Engineering team members.
• Provide input into strategic direction and technology decision activities within TSR.
• Understanding of Threat Landscape and ability to apply them in client context.
• Knowledge of security patterns (along with their integration approach) and apply them in the context of the GSK environment, patterns can be Technical Pattern or Process Patterns.
• Application lifecycle management: Including (Upgrades/Patches and day to day operations)
• Configure policies, rules, and alarms for supported applications.
• Manage and tune policies or signatures to maximize true positives and minimize false positives.
• Lead with administration, design, development, implementation, and maintenance of our global environment.
• Lead with evaluations, development, testing, and installation of cybersecurity monitoring technologies.
• Risk assess OT environments
• Contribute to procedures and documentation for maintaining all hardware and software.

Why you?
Basic Qualifications:
We are looking for professionals with these required skills to achieve our goals:

• 3+ years experience in Information Security
• Experience in large enterprise organizations is a benefit
• ICS network design and support
• OT Security Architecture in the Purdue model
• Familiarity with security programs including but not limited to (Vulnerability, Threat Detection, Incident response)
• Sysadmin and troubleshooting experience

Preferred Qualifications:
If you have the following characteristics, it would be a plus:

• Bachelor's degree
• Familiarity with ISA 62443 standard
• GICSP, GSEC, CISSP, GCIH, GCIA, Security+
• Proven capability in Risk Management and Internal Controls
• Experience with Secure Network Analytics (formerly Stealthwatch) or Tenable.OT applications
• Experience using scripting languages (Python or similar, PowerShell scripts, bash)
• ITIL- Incident and change mgmt. experience
• Proven experience working and influencing cross functionally
• Strong analytical skills, attention to detail
• Prepared to work at a low level of detail where necessary
• Strong and clear communication skills - verbal and written
• Support the development of security technology standard proposals
• Ability to engage with leadership teams
• Sense of urgency
• Continually challenge the security status quo with new innovative ideas

#LI-GSK
GSK offers a competitive compensation package inclusive of the following: Competitive base salary, annual bonus based on company performance, access to healthcare and wellbeing programs, retirement savings program, paid time off, and employee recognition programs which reward exceptional achievements. The salary range for this role is: $102,816 to $139,104
GSK is a global biopharma company with a special purpose - to unite science, technology and talent to get ahead of disease together - so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns - as an organisation where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to positively impact the health of 2.5 billion people by the end of 2030.
Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it's also about making GSK a place where people can thrive. We want GSK to be a workplace where everyone can feel a sense of belonging and thrive as set out in our Equal and Inclusive Treatment of Employees policy. We're committed to being more proactive at all levels so that our workforce reflects the communities we work and hire in, and our GSK leadership reflects our GSK workforce.
If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at 1-877-694-7547 (US Toll Free) or +1 801 567 5155 (outside US).
GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit GSK's Transparency Reporting For the Record site.