Director, Innovation, Strategy and Roadmaps

Site Name: Durham Blackwell Street, Philadelphia Walnut Street, Richardson Dallas TX, Upper Providence, Waltham
Posted Date: Feb

At GSK, we want to supercharge our data capability to better understand our patients and accelerate our ability to discover vaccines and medicines.

The Cybersecurity organization is a key partner in GSK's efforts to deliver a step-change in our ability to leverage data, knowledge, and prediction to find new medicines.

We are a full-stack shop consisting of product and portfolio leadership, data engineering, infrastructure and DevOps, data / metadata / knowledge platforms, and AI/ML and analysis platforms, all geared toward:

• Building a next-generation, metadata- and automation-driven data experience for GSK's scientists, engineers, and decision-makers, increasing productivity and reducing time spent on "data mechanics"

• Providing best-in-class AI/ML and data analysis environments to accelerate our predictive capabilities and attract top-tier talent

• Aggressively engineering our data at scale, as one unified asset, to unlock the value of our unique collection of data and predictions in real-time

The Director, Innovation, Strategy and Roadmaps will work within GSK's AIML Security and Emerging Technology team, interacting directly with stakeholders and technical teams to drive and support the key programs and projects related to Artificial Intelligence (AI) and Machine Learning (ML) and other innovations and emerging technologies. This is critical to the development of new medicines, particularly as we generate increasingly complex experimental data at scale. Our vision places AI and other innovations at the centre of human genetics and functional genomics. We see the capabilities with tightly-coupled, experimental feedback loops, playing a pivotal role in understanding genetics and developing the next generation of medicines. This role will be required to be a subject matter expert in delivering security enhancements into existing and new applications, infrastructure and business processes with a specialty in the areas of AI/ML, data security, data integrity, and data democratization. This includes how to embed security requirements and risk decisions into an agile developed product, making decisions expeditiously to ensure timely delivery of a secure outcome.

The role will be responsible for making recommendations into the direction of the Senior Director, AIML Security and Emerging Technology as well as directed business programs and projects. The role will support teams that are dispersed globally and will interface with the technical leadership teams of our various business units as a trusted advisor.

Key Responsibilities:

• Develop and maintain a comprehensive cybersecurity innovation strategy and roadmap that integrates emerging technologies, business requirements, and domain-specific roadmaps (e.g., application, cloud, IdAM, endpoint, networking).

• Align cybersecurity initiatives with broader business goals, regulatory requirements, and risk management priorities.

• Continuously scan the cybersecurity landscape for emerging technologies, trends, and threats to evaluate their impact and potential benefits.

• Develop and recommend technology adoption strategies based on security needs, business priorities, and feasibility assessments.

• Lead proof-of-concept initiatives and pilot programs to validate new technologies.

• Foster a culture of cybersecurity innovation by identifying and driving initiatives that enhance security capabilities.

• Partner with industry forums, cybersecurity consortia, and academia to stay ahead of the technology curve and bring forward leading practices.

• Collaborate with internal and external stakeholders to explore AI, automation, quantum security, and other advanced security solutions.

• Work closely with finance and leadership teams to ensure innovation projects align with financial planning and investment strategies.

• Develop business cases, cost-benefit analyses, and funding proposals for strategic cybersecurity initiatives.

• Ensure cybersecurity innovation efforts align with enterprise architecture and domain-specific roadmaps.

• Coordinate with domain architects to integrate security considerations into cloud, application, endpoint, identity, and network transformation initiatives.

• Engage with cybersecurity, IT, risk, compliance, and business teams to ensure strategic alignment and adoption of new capabilities.

• Ensure new technologies and strategies align with regulatory compliance requirements, industry standards, and internal security policies.

• Develop key performance indicators (KPIs) and success metrics for cybersecurity innovation efforts.

• Serve as a thought leader and advocate for cybersecurity innovation across the enterprise.

Basic Qualifications:

• Experience in Engineering, IT/Comp Sci/ Information Assurance/ Cybersecurity/ Management

• 10+ years' experience in Information Technology

• 7+ years' experience in Information Security and Risks

• 5+ years of experience and knowledge of governance, security, risks, and compliance.

• Experience developing and delivering security requirements into Agile developed projects and work streams with external dependencies.

• Experience working in a continuous integration and continuous delivery model (CI/CD).

• Experience in modern cloud computing and delivery platforms such as Microsoft Azure, Google Cloud and/or Amazon AWS.

• Experience designing and delivering security requirements to support agile software development processes (Jira/Confluence/Jenkins).

• Experience with security testing tools which perform vulnerability identification, threat analysis and static/dynamic code review.

Preferred Qualifications:

• Deep experience with security in cloud environments around GDPR, CCPA, PHI/PII data, data encryption at rest and in transit as well security concepts like tokenization, federated security models and secrets management

• Expertise in cryptography, authentication protocols and authorization standards (e.g SSL/TLS, SAML, OAuth, JWT, OPA)

• Prior experience of supporting or building and securing large scale distributed systems and big data platforms.

• Deep technical experience and knowledge in the design and implementation of analytical data platforms and accepted best practices around data movement, meta-data catalogues, data transformation, data ingestion, data security, data science and data mining in both Cloud, hybrid and on-premises environments

• Understand Real time detection engineering lifecycle from ingestion to access

• Certifications - One or more of the following desired: CISSP, CSSLP, CCSK, CCSP.

• Pharmaceutical experienced preferred but not essential.

GSK is a global biopharma company with a special purpose - to unite science, technology and talent to get ahead of disease together - so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns - as an organisation where people can thrive.