Job title: Information Security Training & Awareness Senior Analyst
Company: GlaxoSmithKline
Job description: Job Description : Site Name: Bengaluru Luxor North Tower Posted Date: Apr 25 2022 The Information Security Training and Awareness Senior Analyst is responsible for supporting GSK’s global security awareness and training programs, educating all perso
Job Description : Site Name: Bengaluru Luxor North Tower Posted Date: Apr 25 2022 The Information Security Training and Awareness Senior Analyst is responsible for supporting GSK’s global security awareness and training programs, educating all personnel and contractors of security threats they face in their jobs, and how to defend against them. Information Security Awareness Analyst will also be responsible for supporting a global phishing assessment program under the direction of Information Security Awareness Manager. This position develops and executes global and targeted security awareness campaigns virtually, and measures the effectiveness of the campaigns. The objective of this position is to ensure that the security awareness program is effectively changing behaviors so our personnel act in a secure manner. Key Responsibilities The Information Security Training and Awareness Senior Analyst will be responsible for: General: Provide comprehensive coordination and administrative support for the social engineering attacks, e.g. phishing, simulations programme. Responsible for supporting that programme and coordinating any learning interventions that are required for people who fall for the simulations. Coordination of all activities related to communication to staff at all levels of the organisation, managing internal and customer-focused communications, assisting with data collection and analysis, creating learning assets and awareness materials Conducting detailed project activities, tracking progress, and reporting the outcomes Collaborate with internal GSK stakeholders and managed service partners’ representatives to recommend necessary security awareness to effectively mitigate risks to GSK Evangelize security awareness processes across business lines to help influence a strong culture of proactive awareness Monitor and identify the top human risks to our organization and the behaviors we need to change to mitigate those risks Implement and support a positive security awareness program, which focuses on changing behaviors both at work and at home Support the creation and procurement of awareness deliverables and learning content, leveraging various channels for effective delivery in our global organization, measures the usage of the content and its effectiveness, and develops metrics Creating awareness materials with outputs of attack simulations and learning status as a result of consequence management piece. Developing Information Security awareness training and materials aligned to the risks associated with end users Developing content with technical subject matter experts using a clear and concise writing style that is appropriate to the intended audience Developing metrics to measure the success of the security awareness program Creating and cooperating with Third Party Vendor on simulating social engineering attacks across all GSK employees targeted for certain wave. Training administration Managing the information protection mailbox and coordinating responses back to employees Working closely with Global Learning & Development (GLD) to schedule and conduct various learning events Managing the translation of content and media into multiple languages Coordinating updates to InfoSec website Leadership (Vision, strategy and business alignment, people management, communication, influencing others, managing change) Influencing action across the team to achieve program objectives. Ability to effectively manage conflicting priorities. Mantin relationships with peers and leaders of complementary programs to ensure harmonization. Decision-making and Autonomy (The capacity and authority to make organizational decisions, autonomy in decision-making, complexity of decisions, impact of decisions, problem-solving) Strategy Delivery – Responsible for preparation of the learning campaigns consistent with GSK Cyber Security strategy across all GSK Project Delivery – Will ensure that work is performed in a timely manner, delivering planned objectives to relevant stakeholders. Operates autonomously and within the team in the execution of security awareness program framework. Interaction (The span and nature of one’s engagement with others when performing one’s job, internal and external relationships) Cooperation with Information Security Awareness Manager to produce data for all areas of the business including HR and Legal and line of business project or contract/service owners and Key suppliers/service providers. Technical Interactions – will be required to interact with highly technical security experts internally and externally as well as business process and data owners. Good project management skills to effectively balance unexpected and conflicting priorities as they arise Intercultural sensitivity Innovation (The required level of scientific knowledge, knowledge sharing, innovation and risk taking) Innovative Approach – Creative thinking and problem-solving skills with the ability to monitor ideas from inception through to implementation. Ability to apply innovative approaches to balancing business constraints with program goals to identify win-win solutions. Complexity (Products managed, mix of businesses, internal and/or external business environment, cultural considerations) Operate across geographies and across business lines. Collaborate effectively with relevant third parties providing platform/services. Minimum Level of Job-Related Experience Required 6+ years of proven experience in cyber security Knowledge of information security principles, technology and tactics with an understanding of technological trends and a basic understanding of information security architecture. Experience developing and delivering security awareness programs Experience working in information security and demonstrable understanding of the concepts of information security Knowledge of security policies and principles of information handling and protection An in-depth understanding of ISO 27002 security policy, and a working knowledge of other policy frameworks such as ISO, COBIT and NIST a plus Familiarity with local and regional regulatory information security requirements Ability to appropriately balance security awareness needs with business impact and benefit Skilled in presentations and briefings Technical acumen with Excel, Tibco Spotfire and other business analysis tools preferable Ability to team well with others to facilitate and enhance the understanding and compliance to security policies Maintain awareness of the current security threat landscape Our goal is to be one of the world’s most innovative, best performing and trusted healthcare companies. We believe that we all bring something unique to GSK and when we combine our knowledge, experiences and styles together, the impact is incredible. Come join our adventure at GSK where you will be inspired to do your best work for our patients and consumers. A place where you can be you, feel good and keep growing. Important notice to Employment businesses/ Agencies GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK’s commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site. It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way. GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKilne (or GSK) group company at any worldwide location. Even if they claim that the money is refundable. If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in ‘gsk.com’, you should disregard the same and inform us by emailing [HIDDEN TEXT], so that we can confirm to you if the job is genuine.
Expected salary:
Location: Bangalore, Karnataka
Job date: Thu, 28 Apr 2022 22:01:44 GMT
Apply for the job now!