Poznań, Poznań, Greater Poland Voivodeship, Polska
GSK
10. 10. 2024
Informacje o stanowisku
technologies-expected :
Azure
GCP
Terraform
API
PaaS
about-project :
GSK offers an exciting opportunity for an experienced cloud security analyst to join a growing cloud security team in GSKs Cyber Security Office (CSO). You will work closely with cross-functional technical teams to embed GSKs cloud security strategy, enabling secure by design use of GSK cloud platforms.
This role offers the opportunity to use a wide range of skills to deliver an enterprise cloud security program supporting modern architecture patterns and technologies.
The ideal candidate will combine excellent technical and communication skills with a collaborative approach to ensure optimal stakeholder alignment with our cloud security strategy.
responsibilities :
Understand and contribute to GSKs cloud security governance framework and security controls for multi-cloud environment including Microsoft Azure, GCP and AWS.
Build and maintain a network of key stakeholders across security, IT, business tech and developer teams to ensure customer understanding of security requirements and tools available to ensure compliance.
Define and align cloud security standards, frameworks and policies with overall business and technology strategy and leverage processes and tools to monitor and enforce compliance.
Define and periodically review cloud service security controls and guidance documentation for all IaaS & PaaS services, balancing business objectives with information and cyber security requirements.
Define security guidance and best practice for all IaaS & PaaS services to supplement security controls.
Define and periodically review cloud service security controls and governance for sanctioned and unsanctioned SaaS platforms.
Provide cloud security technical review for large scale cloud projects and platforms providing recommended changes or enhancements to ensure alignment with secure by design principles.
Provide cloud security technical review for to cyber risk assurance and governance risk and compliance teams for solution architecture reviews.
Identify and communicate current and emerging security threats.
Maintain technical skills and knowledge, keeping up to date with market trends and competitive insights.
requirements-expected :
Minimum of 3 years working as an information security professional and at least 2 years hands on experience with cloud security.
Strong security knowledge of at least one of Azure and GCP. Any knowledge of AWS will be beneficial but is not a must
Proven experience in implementing and/or reviewing of secure cloud native solutions, leveraging containers, micro-services, APIs, PaaS capabilities such as data storage, databases and data processing technologies, and identity & access management suites.
Proven experience creating ‘secure by design’ cloud solution patterns using Infrastructure as Code templates. Ideally experience in Terraform.
Proven experience working with Infrastructure as Code security scanning solutions. Ideally experience of tools like open policy agent which use Rego.
Proven experience working with Azure Policy and GCP org Policies. Managing cloud native policies using Terraform (desirable).
Very good verbal/written communication in English, with the ability to effectively interact with both technical and non-technical professionals.
Ability to work with virtual teams located in different countries around the world, aligning and adapting different work, culture, and communication styles.
offered :
Career with purpose - whatever it is you’re doing, you’ll be sharing our mission to improve the quality of human life, by enabling people to do more, feel better and live longer
Possibility of developing within the role and company’s structure
Hybrid working model
Additional benefits (yearly bonus, medical care, life insurance, pension scheme, sports card, holiday bonus)
Access to newest technologies and solutions and operating them at scale
Team Building events
Career at one of the leading global healthcare companies
Supportive & friendly working environment
Corporate culture based on our values: patient focus, integrity, respect and transparency
benefits :
sharing the costs of sports activities
private medical care
life insurance
flexible working time
retirement pension plan
parking space for employees
extra social benefits
sharing the costs of tickets to the movies, theater