Analyst - Cyber Design Assurance & Product Management (DA&PM)

Responsibilities

• Support the integration of secure design principles into product, platform, infrastructure, and cloud environments during planning, design, and implementation phases.
• Support security design reviews, technical assessments, control validations, threat modelling activities, and architecture assurance exercises across enterprise technologies and platforms.
• Contribute to governance activities including control assessments, standards alignment, exception tracking, and lifecycle assurance across security and technology platforms.
• Assist in evaluating, onboarding, operationalizing, and reviewing cybersecurity tools across cloud, identity, application security, infrastructure, and data protection domains.
• Work with engineering, platform, cloud, hosting, and cyber defence teams to support secure implementation, remediation planning, telemetry enablement, and operational alignment.
• Support identification of security risks, control gaps, configuration issues, and exposure scenarios across enterprise systems, cloud environments, and platforms.
• Assist in preparing dashboards, assessment summaries, risk metrics, usage insights, and reporting related to security controls, product assurance, and governance activities.
• Help maintain security guidance, reusable assessment templates, design assurance checklists, and secure-by-default implementation standards.
• Contribute to initiatives related to Zero Trust, cloud security, identity security, API security, DevSecOps, and enterprise security transformation programs.
• Collaborate with product owners, architecture teams, engineering teams, operations teams, and vendors to support delivery of secure and scalable enterprise solutions.

Requirements

• Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical field.
• 2-5 years of experience in cybersecurity, cloud security, infrastructure security, application security, or security engineering functions.
• Working knowledge of cloud platforms such as Microsoft Azure and Google Cloud Platform (GCP), including security controls, identity and access management, networking, monitoring, and cloud-native security principles.
• Familiarity with cybersecurity concepts including IAM, network security, endpoint security, application security, vulnerability management, and data protection principles.
• Understanding of security standards and frameworks (e.g., NIST CSF, CIS Benchmarks, OWASP, MITRE ATT&CK, Zero Trust).
• Experience supporting security assessments, governance activities, engineering functions, or operational security processes.
• Preferred Skills
• Familiarity with DevSecOps practices and integrating security into CI/CD pipelines.
• Exposure to security technologies across the stack (e.g., CNAPP, CSPM, SIEM/SOAR, EDR/XDR, PAM/PIM, SAST/DAST, API Security, Data Classification/Labeling).
• Basic scripting or automation knowledge (e.g., PowerShell, Python, Bash) is beneficial.
• Strong analytical, troubleshooting, and problem-solving capabilities.
• Good communication and stakeholder collaboration skills.
• Ability to work in a fast-paced, federated environment supporting secure delivery and operational alignment.
• Interest in modern cybersecurity practices aligned to Zero Trust, secure-by-design, cloud-native security, and enterprise transformation initiatives.
• Why GSK?
• Uniting science, technology and talent to get ahead of disease together.
• People and

Benefits

Additional Information

Analyst - Cyber Design Assurance & Product Management (DA&PM) The Design Assurance & Product Management (DA&PM) function supports the integration of cybersecurity into products, platforms, cloud services, and enterprise infrastructure throughout their lifecycle. DA&PM contributes to technical design assurance, governance activities, product assurance, and security enablement initiatives to help ensure secure-by-design implementation across enterprise technologies. This role works closely with architecture, engineering, cloud, infrastructure, identity, and product teams to support secure delivery, operational alignment, and continuous improvement of cybersecurity controls and practices.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at GSK? Share your experience