Job description Posted 06 June 2022

Application Security Assurance Subject Matter Expert

12 month initial contract

Pay rate up to £490 per day via Umbrella inside IR35

Remote working, UK

GSK is one of the world’s foremost pharmaceutical and healthcare companies, and we are proud to be part of an industry that improves the lives of others. We are embarking on a significant transformation journey that will support GSK in becoming a top-quartile data-enabled organisation.

This is an exciting time to join GSK. The primary purpose of this position is to partner with the business and global support functions to embed the concept of “secure by design” by influencing projects and operations to implement proportionate cyber security coverage throughout the development Lifecyle. 


This is achieved by acting as a cyber security Subject matter expertise (SME) for the business, acting as a conduit to other security teams (such as Cyber Security Operations, Governance Risk and Compliance and Architecture and Engineering) as required to meet business needs.  


This role will provide YOU the opportunity to lead key activities to progress YOUR career. These responsibilities include some of the following.


·      Conduct application risk assessment to identify risk posture for applications being migrated to the cloud

·      Ensure application policies are adhered to and identify any gaps within the risk appetite.

·      Validation/audit of security controls and documenting findings and gaps

·      Perform high level review on application architecture to identify gaps/issues pre/post migration

·      Work with the business to provide application/cloud security consultancy and

explain complicated application cyber security issues and potential business impact, recommend, and negotiate suitable mitigation approaches

·      Ensure all Application Security Assurance services are delivered within agreed timelines.

·      Engage with stakeholders to provide agreed metrics

·      Work with stakeholders to remediate any application risks prior/post to cloud migration



Basic Qualifications

·      Education to a degree level in IT related discipline

·      Prior experience in conducting Application Security risk assessments.

·      At least 5 years' experience in application/cloud security

·      Experience with Cloud Security Assurance

·      Demonstrated experience and understanding of cyber security principles, IT security controls, and related technologies and products

·      Strong verbal/written communication in English, with the ability to effectively interact with professionals at all levels of responsibility and authority

·      Work with virtual teams located in different countries around the world, aligning and adapting different work, culture, and communication styles



Why GSK?

Our values and expectations are at the heart of everything we do and form an important part of our culture. These include Patient focus, Transparency, Respect, Integrity along with Courage, Accountability, Development, and Teamwork. As GSK focuses on our values and expectations and a culture of innovation, performance and trust, the successful candidate will demonstrate the following capabilities.