|Location||Collegeville, PA or Raleigh-Durham, NC (US); West London or Stevenage (UK)|
|Preferred GIAC Certifications||GSEC, GCED, GCCC, GCWN, GCUX, GWAPT, GPEN|
|Contact Name||Chris Baker|
Senior Security Consultant (WD127536)
10 years experience in at least 2 of the information security domains
3+ years of experience working in security or security related discipline in a health care company or similarly regulated industry
Analytical thinking and able to apply IT logic based on scenario and complies to security policies
Basic understanding on security access management policies
Knowledge of information security standards (e.g. ISO27001)
Possesses knowledge in various information security areas, such as: Identity and Access Management, Threat and Vulnerability Management, Information Risk and Governance, IT architecture, Monitoring, Incident Response and Security Strategy.
CISSP, GIAC, or equivalent experience (GSEC, GCED, GCCC, GCWN, GCUX, GWAPT, or GPEN)
Bachelor's Degree in IT Technologies and security solutions
The Senior Technology Consultant role reports to the Director, Application, Host, and Data Security and provides expertise and leadership in developing and implementing the security controls and standards for technology solutions globally. A key purpose is to provide technical leadership (the trusted, technical adviser, providing thought leadership and application of technology to business problems) in network security, secure host configurations (server and workstation), threat and vulnerability management, and application security. This is both a technical and collaborative role, working with others across End-user Infrastructure Services and other key stakeholders as required such as business units, global risk and compliance, 3rd party vendors etc.
• Analyze and lead the resolution of the most complex technical issues while providing expert technical support and direction to multiple deployment, upgrade and software installation projects, incidents, and requests.
• Map requirements and business problems to re-usable end-to-end technology solutions and explain the solution options and recommendations to senior decision makers.
• Lead the design of new functionality and extend existing solutions (driving the development of those solutions by guiding and mentoring the delivery team through the entire development process).
• Provide hands on skills and experience to build and deploy solutions when required, such as for proofs of concept or in technically challenging areas where it is appropriate and necessary to engage a senior technology consultant.
• Provide implementation and operational expertise to ensure that returns on investment are optimized in line with unit cost and budget expectations.
• Understand, contribute and when appropriate lead the development of strategy, acting as a bridge to help translate strategy into technical solution implementation for the delivery team.
• Document solution designs and how they interact with the larger ITSS and GSK IT landscape, this may be informally e.g. via presentations or more formally through the GSK ITMS approach as the need requires.
• Identify risks related to new or existing solutions and contribute to risk mitigation plans.
• Lead and contribute to the development of standards and security controls as necessary to ensure compliance and maintain GSK’s security and reputation.