Senior Manager, Cloud Security
Colonia Metrenquén (Provincia de Llanquihue) Sales
Job description
Nombre del sítio: Poznan Business Garden Pastelowa
Fecha de publicación: Feb 22 2024
Our Cyber Security organisation enables GSK to take on some of the biggest healthcare challenges in the world by protecting our business, customers, and patients from cyber risks. We are investing in growing our Cyber Security teams because they play a pivotal role as the nature and types of threats get more sophisticated.
In this ever-evolving digital and technology landscape, it is critical to stay on top of issues that could cause us harm. This requires a deep understanding of cybersecurity concepts, techniques, and trends along with critical thinking. Our Cyber Security teams are continuously learning and developing their skills to protect against bad actors, allowing GSK to stay focused on what matters most – getting ahead of disease together.
Why you?
·
Build and maintain cloud security governance framework for multi-cloud environment including Microsoft Azure, GCP and AWS.
·
Build and maintain a network of key stakeholders across security teams, central IT teams, business tech and developer groups to understand future state cloud requirements and roadmaps.
·
Define and align cloud security standards, frameworks and policies with overall business and technology strategy and drive implementation of processes and tools to monitor and enforce compliance.
·
Define and periodically review cloud service security controls and guidance documentation for all IaaS & PaaS services, balancing business objectives with information and cyber security requirements.
·
Define security guidance and best practice for all IaaS & PaaS services to supplement security controls.
·
Define and periodically review cloud service security controls and governance for sanctioned and unsanctioned SaaS platforms.
·
Drive the cloud security conversation within cyber security office, central team and business unit senior stakeholders and workload owners.
·
Provide cloud security architecture review for large scale cloud projects and platforms providing recommended changes or enhancements to ensure alignment with secure by design principles.
·
Provide cloud security consultancy to cyber risk assurance and governance risk and compliance teams for solution architecture reviews.
·
Identify and communicate current and emerging security threats.
·
Maintain technical skills and knowledge, keeping up to date with market trends and competitive insights
Qualifications & Skills
Basic Qualifications:
·
Minimum of 8 years working as an information security professional and at least 3 years working as a cloud security professional.
·
BSc level or equivalent education.
·
Expert level security knowledge of Azure, GCP and AWS.
·
Proven experience in security architecture and security by design reviews of cloud native solutions, leveraging containers, micro-services, APIs, PaaS capabilities such as data storage, databases and data processing technologies, and identity & access management suites on Azure, GCP and AWS.
·
Proven experience of security reviews and threat modelling for cloud hosted solutions leveraging Generative AI cloud services.
·
Demonstrated experience and understanding of cyber security principles, IT security controls, and related technologies and products.
·
Demonstrated experience of network security related to cloud network virtualisation and associated security controls.
·
Demonstrated experience of identity and access management related to securing cloud platforms and workloads.
·
Strong stakeholder management skills.
·
Strong verbal/written communication in English, with the ability to effectively interact with professionals at all levels of responsibility and authority, both technical and non-technical.
·
Ability to work with virtual teams located in different countries around the world, aligning and adapting different work, culture, and communication styles.
Preferred Qualifications:
·
Security based industry certification such as ISC2 CISSP
·
Pharmaceutical industry experience would be a benefit but not essential.
·
Cloud agnostic industry certification in cloud security such as ISC2 CCSP and/or CSA CCSK
·
Cloud Service Provider security certifications such as Microsoft AZ-500, Google Security Engineer, AWS Security Engineer
·
Experience with SABSA and Archimate
Benefits:
·
Career at one of the top tier global healthcare companies
·
Attractive reward package (competitive salary, annual bonus & awards for outstanding performance, recognition awards for additional achievements and engagement, holiday benefit
·
Possibilities of development within the role and company’s structure
·
Life insurance and pension plan
·
Open and broad environment which is encouraging and welcoming of all diversity strands (gender, race, ethnicity, sexuality, disability, or any other characteristic)
·
Private medical package with additional preventive healthcare services for employees and their eligible counterparts
·
Sports cards (Multisport)
·
Personalized learning approach (mentoring, online trainings’ platforms: Pluralsight, Business Skills, Harvard Manage Mentor, Skillsoft and external trainings)
·
Extensive support of work life balance (flexible working solutions including working from home possibilities, health & wellbeing activities)
·
Supportive community and integration events
·
Modern office with creative rooms, fresh fruits everyday
·
Free car and bike parking, locker rooms and showers
#GSKcso
G6
Si necesita una adaptación u otra asistencia para solicitar un trabajo en GSK, comuníquese con el Centro de Servicios de RR. HH. de GSK al 1-877-694-7547 (gratis en los EE. UU.) o al +1 801 567 5155 (fuera de los EE. UU.).
GSK es un empleador que cree en la igualdad de oportunidades y la acción positiva. Todos los solicitantes calificados recibirán la misma consideración para el empleo sin tener en cuenta la raza, el color, el origen nacional, la religión, el sexo, el embarazo, el estado civil, la orientación sexual, la identidad o expresión de género, la edad, la discapacidad, la información genética, el servicio militar, el estado de veterano cubierto o protegido o cualquier otra clase federal, estatal o local protegida.
Aviso importante a las empresas o agencias de empleo
GSK no acepta recomendaciones de empresas de empleo o agencias de empleo con respecto a las vacantes publicadas en este sitio. Todas las empresas o agencias de empleo están obligadas a ponerse en contacto con el Departamento de Contrataciones Comerciales y Generales o el Departamento de Recursos Humanos de GSK para obtener autorización previa por escrito antes de recomendar a cualquier candidato a GSK. La obtención de autorización previa por escrito es una condición precedente a cualquier acuerdo (verbal o escrito) entre la empresa o agencia de empleo y GSK. En ausencia de dicha autorización por escrito, se considerará que las acciones que emprenda la empresa o agencia de empleo se han realizado sin el consentimiento o el acuerdo contractual de GSK. Por lo tanto, GSK no será responsable de ninguna tarifa derivada de tales acciones o cualquier tarifa que surja de cualquier recomendación por parte de las empresas o agencias de empleo con respecto a las vacantes publicadas en este sitio.
Tenga en cuenta que si usted es un profesional de la salud con licencia de EE. UU. o profesional de la salud según lo definido por las leyes del estado que emite su licencia, puede ser necesario que GSK recolecte e informe los gastos en los que GSK incurre, en su nombre, en el caso de que se lo entreviste para el empleo. Esta recolección de las transferencias de valor aplicables es necesaria para garantizar el cumplimiento de GSK con todos los requisitos federales y estatales de Transparencia de los Estados Unidos. Para obtener más información, visite el sitio de Informe de Transparencia de GSK For the Record .