OT Cyber Security Senior Manager - Risk & Vulnerability Management
GSK
At GSK, we unite science, technology, and talent to get ahead of disease together.
We are dedicated to safeguarding our Operational Technology (OT) systems, which are critical to our laboratory, manufacturing, and environmental management processes. To address and manage risks within our OT environments, we are establishing a dedicated OT Cybersecurity hub.
We are seeking an experienced OT Cyber Security Senior Manager to lead our risk and vulnerability management processes. You will design and implement robust risk and vulnerability management strategies, ensure stakeholder alignment, and conduct thorough risk and threat analyses to secure our OT assets.
Responsibilities
1. Lead the OT risk management lifecycle, including risk identification, assessment, mitigation, and acceptance, following internal standards and industry best practices (IEC62443).
2. Collaborate with business units to understand security risks and compliance requirements.
3. Provide strategic direction for addressing current and emerging risks, including resource allocation, training, and monitoring.
4. Conduct periodic OT risk assessments and integrate findings into decision-making processes.
5. Manage a team of risk analysts, reviewing and approving risk assessment reports.
6. Communicate vulnerabilities and policy violations effectively to relevant stakeholders.
7. Establish plans for vulnerability identification through scanning, patch reporting, and testing.
8. Prioritize and categorize vulnerabilities, assess the effectiveness of dispositions.
9. Maintain relationships with stakeholders for remediation of critical vulnerabilities.
10. Communicate vulnerability data to system and business owners and develop training plans.
11. Determine protective measures for vulnerabilities and support patch and vulnerability management products.
Qualifications & Skills
Required:
* Bachelor's degree in Computer Science or related field.
* Certifications such as IEC62443, CISSP, CISM, CISA, CIPT, CIPM, CRISC or equivalent.
* Experience in cyber risk and vulnerability management, especially in OT security.
* Proven project and team leadership skills.
* Proficiency in MS Office Suite.
Preferred:
* Deep knowledge of IEC62443 standards.
* Experience with Digital Manufacturing / Industry 4.0.
* Strong stakeholder engagement and communication skills.
* Experience in the pharmaceutical industry.
* Ability to quickly learn internal policies and standards.
* Excellent organizational and project management skills.
* Strong communication skills for interacting with diverse groups.
Additional Information
Closing date for applications: Thursday, 8th May 2025.
Please include a cover letter or CV demonstrating how you meet the role's competencies.
#J-18808-Ljbffr