Job description Posted 05 June 2024

OT Cyber Security Data Security Analyst

Contract till end of year (Likely extensions)

Remote

£330.00 per day via Umbrella

Role Summary:

As a Data Security Analyst, you will play a critical role in ensuring the confidentiality, integrity, and availability of our OT data assets. You will be responsible for implementing and maintaining OT data security measures, conducting security assessments and audits, and responding to security incidents to mitigate risks and protect our organization's data.

Responsibilities:

• Assist in determining sensitivity and protection level of OT data created, transmitted and/or maintained in GSK’s OT Environments, and ensure process is established and followed in each Business Unit to ensure the protection of data created, transmitted and/or maintained therein.

• Collaborate with business unit stakeholders to determine which data should be regarded as highly sensitive and protected by GSK’s data governance programme.

• Maintain the OT data classification policy by working with OT Governance & Compliance team to include data commonly associated with GSK’s OT Operations, including manufacturing methods and processes, recipes, analytical data.

• Manage and maintain the OT data policies and procedures, and conduct assessments to assure compliance with the same.

• Provide OT data handling expertise in the prevention of, and analysis of any OT Data threats and incidents.

• Develop, implement, and maintain data security policies, procedures, and standards to protect against unauthorized access, disclosure, and modification of data.

• Conduct (and participate in) regular security assessments and audits of our use of OT data (At Rest and In Transit) in OT systems, networks, and applications to identify vulnerabilities and compliance gaps.

• Work with the Security Operations Centre to monitor and analyse security events and alerts to detect and respond to potential security incidents in a timely manner.

• Investigate OT data security incidents and breaches, assist with root cause analysis, and help develop remediation plans to prevent recurrence.

• Collaborate with cross-functional teams to ensure that OT data security requirements are integrated into the design, development, and deployment of new systems and applications.

• Stay informed about emerging threats and vulnerabilities, industry trends, and best practices in OT data security.

• Provide guidance and support to OT Cyber Hub colleagues, Tech service partners and Business Unit stakeholders on industry-best OT data security practices, policies, and procedures

Skills required:

• Excellent analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions.

• Excellent stakeholder engagement, written and oral communication skills and exceptional presentation skills.

• Scrupulous attention to detail in the identification, assessment, and disposition of risks.

• Able to adjust communications approach and style based on target audience.

• Experience engaging with and influencing senior stakeholders in their handling of OT data.

• Sound organisational skills with experience in maintaining standards and reporting artefacts

• Strong planning and execution tracking to-plan; attention to detail.

• Familiarity with regulatory requirements and frameworks related to data security, such as GDPR, HIPAA, PCI DSS, ISO 27001, and OT Security frameworks like ISA

• Background in data resilience, audit and/or cybersecurity.

• 5+ years’ experience in leading large scale global Data Security Management, preferably in the OT Cyber Security space.

• Proven experience of working with multiple stakeholders to promote thoughtful and practical solutions to Data Security challenges.

• Ability to communicate complex ideas effectively to native and non-native English audience.