PAM Controls Monitoring Analyst

Job Description

The GSK Privileged access service is changing from a bespoke tool to CyberArk and SailPoint and the services we are providing on these tools are new. We have created a number of new positions in the organisation to support the delivery of these new servicesThe Privileged Access Service Controls Monitoring Analyst is one of the new roles created to support the Privileged Access Management Service. The role is responsible for monitoring and reporting on access controls for all privileged accounts that are managed through the serviceThe purpose of the role is responsibility for monitoring and reporting on access controls for all privileged accounts that are managed through the service. This includes working with application and infrastructure teams across the organization to ensure accounts are under control, working with both internal and external Audit teams. This role should have experience with Identity & Access Management processes and controls, software and functional account lifecycles, data analytics (including queries, scripting, and macros), technical operations, authentication protocols, and password vaulting technologies. Experience with various technologies and platforms (Windows, Unix/Linux, Mainframe, Database, and on/off-premise cloud computing) is expected. This role will be considered a subject matter expert and is expected to stay current with various technologies, organizational goals, and industry trends

Assists with design, implementation, and ongoing monitoring and reporting of privileged access controls

Provides consultation, facilitation and analytical support to ensure internal controls are properly aligned and implemented to ensure privileged access compliance

Provides guidance and support to management, process, and control owners on responsibilities.

Consults with leadership on complex control-related issues

Provides consulting to senior level management on internal audit activities and results as well as risk mitigation initiatives in response to audit findings

Educates and influences business partners on control design and effectiveness and recommends actions to increase effectiveness of those controls

Develops effective working relationships with Technical and Application Operations team

Provides best practices regarding key controls to influence and effectively communicate control solutions to all appropriate parties. Provides guidance, training and motivation necessary to create control awareness, ownership and accountability to all

Consults with Enterprise Risk Management, Information Security, Internal Audit and external Audit, Corporate Compliance, Legal and other appropriate parties sharing expertise and knowledge to strengthen the IT control environment

Participates in special projects and performs other related activities as assigned

Minimum Requirements:

Strong audit experience

Knowledge of Identity Access Management principles and industry best practices

Knowledge of SharePoint

Understanding of Database authentication methods and techniques

Experience with CyberArk Privileged Threat Analytics or other Privileged Access Tools a plus

Highly self-motivated, directed, and can work independently without supervision

Desire to learn and grow with existing IAM team

Desired:

CISSP, CISM and/or CISA a plus

ISACA - Certified Information Systems Auditor (CISA)

At GSK we are all inspired by the difference we make and challenge ourselves every day to improve the lives of patients and consumers. That’s why we have created an environment where everyone feels valued, able to develop, contribute to our mission and be proud of what we achieve.To support you in achieving your role and career ambitions you’ll be given the opportunity to:Play an important role in delivering our missionBe an essential part of diverse, global teamDevelop others as part of your own professional growthInterested in Joining the TeamDuring the course of your application you will be requested to complete voluntary information which will be used in monitoring the effectiveness of our equality and diversity policies. Your information will be treated as confidential and will not be used in any part of the selection process.If you require a reasonable adjustment to the application / selection process to enable you to demonstrate your ability to perform the job requirements please contact. This will help us to understand any modifications we may need to make to support you throughout our selection process.The information that you have provided in your cover letter and/or CV will be used to assess your application.Thank you for your interest in this opportunity.Closing Date: COP 10th July 2019*LI-GSK#GSKTechTalentWhy GSK GSK has a 150-year legacy of helping to transform the health, lives and futures of millions of people around the world. We’re a science-led healthcare company with more than 100,000 people working in 115 countries. Each year we produce around 4 billion packs of medicine, nearly 900 million doses of vaccine and more than 18 billion packs of consumer healthcare products. Our focus of helping people do more, feel better and live longer is at the center of all that we aim to do.As a company driven by our values of Patient focus, Transparency, Respect and Integrity, we know inclusion and diversity are essential for us to be able to succeed. We want all our colleagues to thrive at GSK bringing their unique experiences, ensuring they feel good and to keep growing their careers. As a candidate for a role, we want you to feel the same way.We’re open to all talent – whatever your gender, disability, marital status, religion or belief, age, race, sexual orientation, ethnic or national origin.We believe in an agile working culture for all our roles. If flexibility is important to you, we encourage you to explore with our hiring team what the opportunities are.Please don’t hesitate to contact us if you’d like to discuss any adjustments to our process which might help you demonstrate your strengths and capabilities. You can either call us on, or send an email As you apply, we will ask you to share some personal information which is entirely voluntary. We want to have an opportunity to consider a diverse pool of qualified candidates and this information will assist us in meeting that objecti