Senior Director of Threat Detection and Response

Posted:
8/14/2024, 10:55:05 PM

Location(s):
Poznan, Greater Poland Voivodeship, Poland ⋅ Pennsylvania, United States ⋅ Greater Poland Voivodeship, Poland ⋅ Philadelphia, Pennsylvania, United States

Experience Level(s):
Senior

Field(s):
IT & Security

Please note this role can be based in USA or in Poznan, Poland.

The Senior Director of Threat Detection and Response will play the lead role in keeping information and technology-related systems safe and protected. This includes the monitoring, detection, coordinated response and management of potential incidents and cybersecurity threats to mitigate the impact of interruption of routine business operations. The metrics-driven leader will ensure incidents, trends and emerging threats are understood, identified and properly dispositioned through the utilization of threat intelligence and fusion analysis. Provide maturity and operational assessments and information about actual cyber threats to senior level leaders to demonstrate the efficacy of the overall operational program.

The role also involves a strong analytical component, requiring the individual to lead the team responsible for the creation and refinement of rules and algorithms to identify malicious activity across the company's networks and digital assets both from internal and external risks.

This role plays a critical part in maintaining the operational integrity, security, and resilience of GSK's information systems. The Senior Director will ensure effective incident response strategies are in place and that incidents are managed in a way that minimizes impact to the business.

Key Responsibilities:

  • Lead a global team of cybersecurity professionals to provide 24x7x365 cybersecurity operations

  • Ensure Security Operations Center is providing the appropriate level of Identification, Detection, Response, Recovery and Resumption activities

  • Leverage industry leading frameworks and methodologies to ensure consistency and cross-industry alignment with best practices

  • Implement standards and procedures that enable the appropriate cybersecurity posture throughout the organization

  • Deploy cybersecurity automation tools as a force-multiplier(s) in identifying, managing and dispositioning potential cybersecurity events

  • Identify and deploy machine learning (ML) and artificial intelligence (AI) to proactively recognize trends and anomalies across the environment

  • Proven ability to manage a cloud-based IT environment, extracting and ingesting threat information for appropriate situational awareness

  • Establish leading-edge fusion analysis to ensure information from a variety of sources is appropriately ingested to provide for a comprehensive protection and response posture

  • Enable a world-class incident response program for timely identification, response and remediation of cybersecurity incidents

  • Deploy comprehensive playbooks to ensure processes, roles and responsibilities are clearly articulated to enable a rapid response to a cybersecurity incident

  • Continually develop, assess and mature cybersecurity personnel to meet the challenge of an evolving threat landscape

  • Work with government, professional and industry groups and consortiums to ensure a diverse and well-understood approach to Threat Detection and Response

  • Monitoring targets to include internal and external sources, such as an internet forums, social media and alerts shared by other organizations.

  • The role is further responsible for the identification and analysis of new adversaries, attacks and threats to enable the tactical prioritization of cyber defense approach and resource deployment.

  • Conduct thorough post-incident analysis and reporting to identify root causes, lessons learned, and areas for improvement.

  • Work closely with the IT, cybersecurity, legal, and communications departments to prepare and execute effective incident communication plans both internally and externally.

  • Provide guidance and feedback in the maintenance of the Security Information and Event Management (SIEM) infrastructure, ensuring high-fidelity alerts and minimal false positives.

  • Conduct continuous threat hunting activities to proactively identify potential threats that evade existing controls.

  • Provide people leadership and talent development for team members.

Qualifications:

  • Bachelor or higher degree in computer science, engineering or similar.

  • Minimum of 10 years of experience in cybersecurity

  • 6 years' experience creating and presenting technical strategies and technical solution recommendations.

  • 4 years' experience leading cross-functional teams.

  • 7 years' experience in physical and/or digital information and/or incident handling

  • Clear ability to implement and have responsibility for end-to-end cybersecurity programs, with a strong predisposition towards execution and delivery

  • Cross-industry experience particularly in highly regulated organizations

  • Demonstrated ability to identify and understand ongoing and emerging cybersecurity risks, and the aptitude to articulate the impact

  • Proven ability to work across various business units and IT disciplines; must have strong interpersonal skills

  • Demonstrated sustained leadership in a large organization involving multiple constituencies

  • Experience in developing and leveraging metrics to enable a cybersecurity program

  • Excellent written and verbal skills that allow for an understanding of the program in a pragmatic way

  • Strong negotiating, conflict resolution, influencing and stakeholder management skills to ensure effective change management.

  • Strong leadership skills to develop and lead a high performing team of experts.

  • Strong problem solving and innovative mind-set to ensure a clear focus on the forward agenda.

  • Ability to inspire engagement in people through leading by example and cultivating a culture of transparency and staff influence.

  • CISSP, CISA, CISM, GCFA, GCIH, GCIA

The annual base salary for new hires in this position ranges from $198,050 to $267,950 , taking into account a number of factors including work location, the candidate’s skills, experience, education level and the market rate for the role. In addition, this position offers an annual bonus and eligibility to participate in our share based long term incentive program which is dependent on the level of the role. Available benefits include health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and paid caregiver/parental and medical leave.The annual base salary for new hires in this position ranges from $198,050 to $267,950 taking into account a number of factors including work location, the candidate’s skills, experience, education level and the market rate for the role. In addition, this position offers an annual bonus and eligibility to participate in our share based long term incentive program which is dependent on the level of the role. Available benefits include health care and other insurance benefits (for employee and family), retirement benefits, paid holidays, vacation, and paid caregiver/parental and medical leave.

Please visit GSK US Benefits Summary to learn more about the comprehensive benefits program GSK offers US employees.

Why GSK?

Uniting science, technology and talent to get ahead of disease together.

GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. We prevent and treat disease with vaccines, specialty and general medicines. We focus on the science of the immune system and the use of new platform and data technologies, investing in four core therapeutic areas (infectious diseases, HIV, respiratory/ immunology and oncology).

Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a place where people feel inspired, encouraged and challenged to be the best they can be. A place where they can be themselves – feeling welcome, valued, and included. Where they can keep growing and look after their wellbeing. So, if you share our ambition, join us at this exciting moment in our journey to get Ahead Together.

If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at 1-877-694-7547 (US Toll Free) or +1 801 567 5155 (outside US).

GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class.

Important notice to Employment businesses/ Agencies

GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.

Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK’s compliance to all federal and state US Transparency requirements. For more information, please visit GSK’s Transparency Reporting For the Record site.