Incident Response Manager

GSK Tech Global Centre in Poznan
Online interview
Employment contract
Remote possible
Paid vacation

Project description

This role is a critical function responsible for helping manage, mature and execute the company’s incident response (IR) playbook. The role is part of a fast-paced operational area within the Cyber Security department. The person in this role will work to handle the constantly evolving threat landscape while using current resources, ongoing development of their workforce and input into mindful planning to ensure the company has trusted, appropriate tools to handle cyber incidents across the corporate portfolio. This role will manage traditional IR capabilities while building industry-leading and forward-looking teams. Teams will be responsible for applying threat intelligence and information, together with seek team abilities related to machine learning, artificial intelligence and related analytical capabilities. The role will execute incident management plans while offering recommendations for process refinement across the technology footprint of GSK. This role must also help ensure that confidentiality and data integrity are supported within the GSK network and its extended boundaries.

Your tasks

  • Coordinate the CSIR team’s incident response and forensics tasks to make sure each incident is accurately prioritized, and that the incident response subtasks execute the appropriate playbooks and meet the agreed SLA
  • Candidate should be familiar with incident response processes, network investigative techniques, network intrusion patterns, malware analysis, and cyber security trends and issues
  • The manager will serve as first point of contact for high/critical network security incidents and should be able to perform functions such as log analysis, network traffic and endpoint forensics, draw together data from disparate sources, and have experience coordinating large-scale incident response that includes technical and non-technical business partners
  • Gather appropriate information to give the various Tech departments and the Information Security and Risk leadership team visibility and to support their decision-making
  • Develop, improve and drive business plans that improve security posture and align with the needs of business partners

Who we're looking for?


  • Bachelor’s degree or equivalent work experience
  • 5 years' experience in physical and/or digital information and/or incident handling
  • 3 years' experience crafting and presenting technical strategies and technical solution recommendations as well as demonstrated experience of leading multi-functional teams


If you have the following characteristics, it would be a plus:

  • Master’s degree or a further advanced qualification from a professional IT security body (i.e. ISACA CISM or CISSP) in Information Technology, Information Security, Information Assurance or Information Management
  • Vendor relationships and experience working in NDA and future tech solutions to allow for strategy development of deployable infrastructure from TechOPs and Cloud perspectives
  • Solid background and experience in network engineering, systems administration, scripting, correlation and analytics, with exposure to various operating systems (Windows, Linux, UNIX) to at least the administrator level

How we manage our projects?
  • Scrum, Agile, Kanban
Who makes architectural decisions?
  • Team and tech leads
Who makes technology stack decisions?
Project management software
  • JIRA, Microsoft Teams, Azure DevOps

How we code?
  • Version control
  • Style guide
  • Code review
  • Static code analysis
  • Code metrics
  • Knowledge database

How we test?
  • Unit tests
  • Integration tests
  • System tests
  • Performance tests
  • Manual testing
  • Test automation
Additional monitor
Personal container
Operating system
Work environment
Tech supervisor
Open space
Flexible working hours
  • Healthcare package
  • Healthcare package for families
  • Leisure package
  • Hot beverages
  • Fruits
  • Snacks
  • Trainings
  • Car parking
  • Bicycle parking
  • Chill room
  • Integration events
  • Work up to 80% of your working time per month remotely
  • Flexible working hours
  • Work part-time or have a long weekend thanks to Short Friday

Our company

GSK Tech Global Centre in Poznan

Poznań 750
Tech skills
  • Node.js
  • JavaScript
  • Java
