Information Security Consultant

06 Sep 2017
04 Oct 2017
Basic qualifications:
• In-depth current knowledge of information security principles, technology and risk mitigation approaches, covering the security domains within the scope of industry frameworks, e.g. ISO 27001, COBIT, NIST, etc.
• Demonstrated leadership, innovative problem solving, and effective consulting with in-depth knowledge and experience in one or more information security domains: access management, Web application security, cloud security, data privacy, business continuity management, supplier management, or IT quality, regulatory and compliance.
• Demonstrated ability working in collaboration with peers both at a technical level, with information security knowledge, and at a business level, with key stakeholders, owners, and processors of information.
• Demonstrated ability to comprehensively research, evaluate, and present a succinct summary of relevant information and issues on a security concern, threat, or emerging risk.
• Proven capability to focus on results, work independently and under pressure to meet tight deadlines.
• Track record of establishing strong working relationships and practices with clear accountability for delivery.
• Demonstrated ability to work effectively within and with teams, including virtual teams formed for short term projects and initiatives.
• Demonstrated ethical integrity in line with GSK values.
• Availability to travel up to 20% of weeks over the year.

Preferred qualifications:
• IT audit and compliance experience, including external third party supplier assessments.
• Knowledge and experience applying application software security, e.g. experience in application development, software testing, system implementation or application support.
• Information security qualification, e.g. CISA, CISM, CRISC, CISSP, GIAC, or related.
• Understanding of IT support processes and frameworks, e.g., ITIL and ISO 20000.
• Pharmaceutical or closely related industry experience.

About the role

We are looking for an Information Security Consultant to join the Supplier Security, Risk and Assurance team, whose focus is third party suppliers who manage and process company information that is classified as critical and sensitive with a potential for severe impact on GSK.

What is the purpose of this role?

This role will work with internal business groups, procurement, and legal as well as external suppliers directly to ensure the GSK information protection risk is well managed where third parties are involved. This is a global role with responsibilities for services, capabilities and projects related to GSK's overall information protection strategy.

What are the key responsibilities/accountabilities?

• Perform supplier security assessments in line with departmental procedures and processes.
• Create risk assessment documentation to outline mitigation plans and residual risk for acceptance by the business.
• Establish and maintain internal relationships with appropriate procurement and business unit organizations to ensure alignment of processes and activities.
• Carry out onsite supplier assurance visits to ensure supplier controls have been implemented and are operating effectively and in accordance with contractual obligations throughout relationship lifecycle.
• Contribute to the development and maintenance of departmental standards, templates, tools, and processes.
• Integrate and develop compliance processes into solutions and services to align and improve overall delivery.
• Participate in activities pertaining to service reviews, metrics gathering and reporting, voice of the process, voice of the customer, root cause analysis, remediation, reporting, and continuous improvement.
• Negotiate risk elements, mitigation plans, and risk acceptance with external suppliers and GSK business supplier relationship owners.

What skills & qualifications do I need to apply?

Beyond the basic qualifications above, the successful candidate will have excellent written and verbal communication skills and good judgment in setting priorities, providing practical advice and guidance, and evaluating consequences in support of decisions that are in the best interests of GSK. This includes being able to understand and clearly explain technical topics and the significance of associated risks to non-technical audiences and senior management.

What else would benefit me in this role?

The candidate must be a self-starter, comfortable working independently, and is expected to keep their knowledge of IT security, quality, risk, and compliance current through involvement with relevant industry forums, involvement in GSK projects, and regular training.

How would I be rewarded in this role?

• PAY - We will reward your contributions to GSK's success through your salary, bonus or sales incentives, and recognition awards.
• Competitive Base Salary - Your salary is paid monthly on the 20th day of the month (or nearest business day). It is reviewed each year to ensure it stays competitive and reflects your performance and contribution to GSK's strategy.
• 18% Annual Target Bonus - Your individual performance is worth 60% of your total bonus and is based on the achievement of your personal objectives. The high level results of your business area are worth 40% of your total bonus.
• Car Allowance - Annual car allowance of GBP6,420 paid in equal monthly instalments.

• SHARES & SAVINGS - Gives you a stake in GSK's success and helps you save for the future, in partnership with GSK.
• Share Value Plan - The Share Value Plan rewards your personal contribution to GSK's success.
• Share Reward - Share Reward allows you to invest up to 5% (maximum of GBP125) of your salary each month in GSK shares and receive a free share for every share you buy.
• Share Save - Share Save is designed to help you save for the medium term, by giving you the opportunity to buy discounted GSK shares at the end of a three year savings period.
• GSK Pension Plan - You automatically become a member of the GSK pension plan when you join GSK. An account is opened in your name and GSK contributes a core amount of 7% of your pensionable salary into your account each month. You are also required to make a contribution of 2%; GSK will match any contributions you make up to a maximum of 3% of your pensionable salary (total contributions up to 15%).

• HEALTH & LIFE - Looks after you and your family's health & wellbeing.
• Holidays - You are entitled to 26 days' paid personal holiday each year (increasing to 27 days after 5 years and 28 days after 10 years' service) plus eight paid public holidays.
• Healthcare Plan - The GSK Healthcare Plan is designed to give you and covered family members access to prompt medical treatment. You can join the healthcare plan at any time.
• Health MOT - You will be invited to have a Health MOT once every 2 years. The health MOT is a free and confidential health check.
• Tax Free: Plans including bikes, health assessments, holiday and childcare

How do I apply?

APPLICATION CLOSING DATE - Thursday 19th September

Please take a copy of the Job Description, as this will not be available post closure of the advert. When applying for this role, please use the 'cover letter' of the online application or your CV to describe how you meet the competencies for this role, as outlined in the job requirements above. The information that you have provided in your cover letter and CV will be used to assess your application.

If you are an internal applicant please indicate within your cover letter if you are confirmed as displaced (or potentially displaced) and at risk of redundancy. During the course of your application you will be requested to complete voluntary information which will be used in monitoring the effectiveness of our equality and diversity policies. Your information will be treated as confidential and will not be used in any part of the selection process. If you require a reasonable adjustment to the application / selection process to enable you to demonstrate your ability to perform the job requirements please contact . This will help us to understand any modifications we may need to make to support you throughout our selection process.

Thank you for your interest in this role.

Contact information:
You may apply for this position online by selecting the Apply now button.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
