Operational Technology Security Tech Specialist

Site Name: UK - Hertfordshire - Stevenage, UK - London - Brentford, UK - Surrey - Weybridge, USA - North Carolina - Research Triangle Park, USA - Pennsylvania - Philadelphia, Richmond Sherwood Posted Date: Jul 6 2021 GSK Consumer Health Care is one of the world's leading research-based pharmaceutical and healthcare companies, and we are on a mission to improve humanity's quality of life by enabling people to do more, feel better and live longer. We're undergoing an exciting transformation, as we execute our strategy to spin-off our Consumer Healthcare division to create a world-class Consumer Packaged Goods company in its own right. The Operational Technology [OT] Security specialist will act as a Consumer Health site-based role (Supply Chain Manufacturing and R&D Lab locations). The OT Security Specialist will support more than one site in a region. The aim of this role is to have an OT security representative who will be responsible for ensuring all aspects of OT security related activities are completed in line with the OT security standards, guidance, processes and procedures with CH. It is also to ensure the OT security tools are used correctly, and to ensure OT security awareness is promoted at the site. This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following: Ability to work with minimal supervision. Deep understanding and adherence to SOP's, the establishing/drafting, revision and validation of SOP's as they relate to the Quality Employee Health & Safety processes, system validation and training Partner/lead with business in application/platform upgrade processes and influence outcomes to meet business, budget and scope commitments. Experience in Supply Chain management, supply chain mfg. and methodologies globally History of proven Project Management skills from E2E. Prepare scopes of work or contracts required for applications. Critically review contract/SOW changes and make recommendations on the contract/SOW selections Consult/coordinate with the CH OT Team supporting reviews, audits and any issues, resolution or queries in relation to OT security at CH sites. Provide input and feedback to the OT Security Team regarding onsite learnings with OT security standards, guidance, processes and procedures to drive continuous improvement Provide support to the OT Security Team for OT security related testing at the site, e.g. testing new firewall rules Fulfilling the OT security standard requirements at CH sites - duties to include, but not be limited to: Owning, managing and maintaining the OT device asset register Owning, managing, and maintaining the removable media register Supporting OT access management Supporting system hardening, including patching, antivirus scanning, and system configuration management Supporting network segmentation and firewall rule creation and modification Supporting remote connections risk management and remediation Being the single point of contact for the site in terms of OT security, including: Answering OT security related questions from site-based teams (e.g. Engineers, Technicians, Operators, etc.) Provide guidance and awareness on OT security related tasks and jobs taking place at the site Educate Consumer Health site automation engineers, technicians and any related technical resources on OT cyber security best practices and standards Managing all cyber security incidents and alerts ensuring they are responded to and completed with the appropriate sense of urgency to ensure that cyber security risks are minimized Ensuring vendors are managed appropriately at site in terms of OT security compliance Ensure that all projects and changes at the site comply with the GSK OT Security OT security standards, guidance, processes and procedures. Overseeing OT security related works at the site to ensure they comply with the GSK OT Security OT security standards, guidance, processes and procedures OT security risk management - Having an oversight of the risk matrix for the site with a view to help reduce risks to an acceptable level, and then maintain said level Why you? Basic Qualifications: We are looking for professionals with these required skills to achieve our goals: Bachelor's degree 10+ years of Tech/IT experience 5+ years of Infrastructure Architecture experience 10+ years manufacturing automation experience with several years in technical roles preferred Preferred Qualifications: If you have the following characteristics, it would be a plus: Master's degree Exposure to IT infrastructure and Cyber Security risk reduction Effective communication skills with the ability to interface with operational, capital projects and senior management within the organization Experience working with a global Consumer organization and understanding their needs Advanced knowledge of agile, quality and risk management principles and tools Partnering on problem-solving discussions between key stakeholders Ability to nurture and maintaining collaborative working relationships Chang agent- Lead and influence people in a matrix business environment globally Experience of operating in an international environment with tact, diplomacy and cultural sensitivity Demonstrated knowledge of GSK policies, procedures and processes where ongoing assurance must be managed High degree of familiarity with information technology and its use in industrial control systems, principally computer operating systems and Ethernet networking Why GSK? Our values and expectations are at the heart of everything we do and form an important part of our culture. These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance, and trust, the successful candidate will demonstrate the following capabilities: Agile and distributed decision-making - using evidence and applying judgement to balance pace, rigour and risk Managing individual and team performance. Committed to delivering high quality results, overcoming challenges, focusing on what matters, execution. Implementing change initiatives and leading change. Sustaining energy and well-being, building resilience in teams. Continuously looking for opportunities to learn, build skills and share learning both internally and externally. Developing people and building a talent pipeline. Translating strategy into action - a compelling narrative, motivating others, setting objectives and delegation. Building strong relationships and collaboration, managing trusted stakeholder relationships internally and externally. Budgeting and forecasting, commercial and financial acumen. #TechConsumer *LI-GSK If you require an accommodation or other assistance to apply for a job at GSK, please contact the GSK Service Centre at 1-877-694-7547 (US Toll Free) or +1 801 567 5155 (outside US). GSK is an Equal Opportunity Employer and, in the US, we adhere to Affirmative Action principles. This ensures that all qualified applicants will receive equal consideration for employment without regard to race, color, national origin, religion, sex, pregnancy, marital status, sexual orientation, gender identity/expression, age, disability, genetic information, military service, covered/protected veteran status or any other federal, state or local protected class. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site. Please note that if you are a US Licensed Healthcare Professional or Healthcare Professional as defined by the laws of the state issuing your license, GSK may be required to capture and report expenses GSK incurs, on your behalf, in the event you are afforded an interview for employment. This capture of applicable transfers of value is necessary to ensure GSK's compliance to all federal and state US Transparency requirements. For more information, please visit GSK's Transparency Reporting For the Record site.