Cyber Risk & Assurance
Job ID 49166
Experience 5 Years
Qualifications GraduateBSc Computer ScienceB. Tech
The Cyber Risk & Assurance – BU Metrics Senior Analyst will work within GSK’s Cyber
Risk & Assurance team, support the metrics (KRI, KPI, and KCI, etc.) programs and
reporting automation development. This includes program level governance operations
and metric level risk assessment utilizing demonstrated knowledge and skills of risk
management, quantitative analysis, and project/program management.
Support the development and/or implementation of program governance
activities for cyber security risk metrics program including the creation of program
framework, process map, procedures, RACI, and any other relevant governance
Completes cyber security risk coverage assessments and reports in line with
departmental procedures and processes.
Perform independent validation of all quantitative components of metrics
throughout the metric lifecycle which include but not limited to the back testing of
data selection, attribute aggregation, metric methodology/formulation, and
thresholds determination, as well as the ad-hoc analyses of ongoing metric
performance and root cause profiling.
Provide clarifying support, where necessary, to internal risk/metric/data/system
owners throughout metric development and validation lifecycle, maintain metric
inventory, create holistic assessment of metric needs, and initiate/facilitate/track
metric development, recalibration, annual refresh activities.
Assist cyber security metrics ongoing reporting needs including but not limited to
create and update inventory, generate report, calculate statistical hypothesis, and
conduct ad-hoc analysis, etc.
Assist in establishing tangible KRIs and KPIs reporting metrics and
Prepare clear, concise, and accurate documentation/analysis of the report
metrics as well as facilitate ad hoc, special requests, etc. Maintain master report
inventory and collect, verify, and upload data to multiple tools.
Demonstrate attention to detail while making recommendations based on the
analysis of actual information.
Exercise independence of judgement and autonomy; act as SME to stakeholders
and/or team members.
Minimum 4-5 years of experience in Power BI
Experience in creating BI dashboard visualizations and creating reports from
different sources such as SQL server, Flat Files, JSON, DBs and Azure
Experience in integrating Power BI with Azure AD.
• A bachelor’s degree in Computer Science or related field
• Demonstrated experience with end-to-end security metrics process including metrics
collection, tracking, and reporting.
• Experience in developing information security presentations for executive level
consumption and effectively influencing program owners to drive remediation
• Experience in establishing an enterprise-wide metric reporting solution including
process definition, workflow design, and process mapping
• Understanding of security frameworks and standards such as NIST, CIS, OWASP