Job Description
Posted Date: Jun 27 2026
Job Description
The Cyber Risk & Assurance - BU Metrics Senior Analyst will work within GSK’s Cyber Risk & Assurance team, support the metrics (KRI, KPI, and KCI, etc.) programs and reporting automation development.
This includes program level governance operations and metric level risk assessment utilizing demonstrated knowledge and skills of risk management, quantitative analysis, and project/program management.
Key Responsibilities
Support the development and/or implementation of program governance activities for cyber security risk metrics program including the creation of program framework, process map, procedures, RACI, and any other relevant governance components.
Completes cyber security risk coverage assessments and reports in line with departmental procedures and processes.
Perform independent validation of all quantitative components of metrics throughout the metric lifecycle which include but not limited to the back testing of data selection, attribute aggregation, metric methodology/formulation, and thresholds determination, as well as the ad-hoc analyses of ongoing metric performance and root cause profiling.
Provide clarifying support, where necessary, to internal risk/metric/data/system owners throughout metric development and validation lifecycle, maintain metric inventory, create holistic assessment of metric needs, and initiate/facilitate/track metric development, recalibration, annual refresh activities.
Assist cyber security metrics ongoing reporting needs including but not limited to create and update inventory, generate report, calculate statistical hypothesis, and conduct ad-hoc analysis, etc.
Assist in establishing tangible KRIs and KPIs reporting metrics and measurements.
Prepare clear, concise, and accurate documentation/analysis of the report metrics as well as facilitate ad hoc, special requests, etc. Maintain master report inventory and collect, verify, and upload data to multiple tools.
Demonstrate attention to detail while making recommendations based on the analysis of actual information.
Exercise independence of judgement and autonomy; act as SME to stakeholders and/or team members.
Minimum 4-5 years of experience in Power BI
Experience in creating BI dashboard visualizations and creating reports from different sources such as SQL server, Flat Files, JSON, DBs and Azure applications insights.
Experience in integrating Power BI with Azure AD.
Basic Qualifications
A bachelor's degree in Computer Science or related field
Demonstrated experience with end-to-end security metrics process including metrics collection, tracking, and reporting.
Experience in developing information security presentations for executive level consumption and effectively influencing program owners to drive remediation
Experience in establishing an enterprise-wide metric reporting solution including process definition, workflow design, and process mapping
Understanding of security frameworks and standards such as NIST, CIS, OWASP
Preferred Qualifications
Advanced certifications, diplomas, professional certifications, advanced degrees in Cyber or information security - examples include: CISSP, CISM, CISA, CIPT, CIPM, CRISC or other relevant certification desired
Significant excel experience (ease of working with formulas and Macros) and knowledge in a data manipulation tool through scripting.
Project Management
Experience in building elegant and interactive data visualizations of complex information
Experience in planning, designing, and deploying the integration of various data sources into a BI solution
Experience in PowerBI, Archer Integration, Risk Management, and PowerPoint
GSK is a global biopharma company with a special purpose – to unite science, technology and talent to get ahead of disease together – so we can positively impact the health of billions of people and deliver stronger, more sustainable shareholder returns – as an organisation where people can thrive. Getting ahead means preventing disease as well as treating it, and we aim to positively impact the health of 2.5 billion people by the end of 2030.
Our success absolutely depends on our people. While getting ahead of disease together is about our ambition for patients and shareholders, it’s also about making GSK a place where people can thrive. We want GSK to be a workplace where everyone can feel a sense of belonging and thrive as set out in our Equal and Inclusive Treatment of Employees policy. We’re committed to being more proactive at all levels so that our workforce reflects the communities we work and hire in, and our GSK leadership reflects our GSK workforce.
Important notice to Employment businesses/ Agencies
GSK does not accept referrals from employment businesses and/or employment agencies in respect of the vacancies posted on this site. All employment businesses/agencies are required to contact GSK's commercial and general procurement/human resources department to obtain prior written authorization before referring any candidates to GSK. The obtaining of prior written authorization is a condition precedent to any agreement (verbal or written) between the employment business/ agency and GSK. In the absence of such written authorization being obtained any actions undertaken by the employment business/agency shall be deemed to have been performed without the consent or contractual agreement of GSK. GSK shall therefore not be liable for any fees arising from such actions or any fees arising from any referrals by employment businesses/agencies in respect of the vacancies posted on this site.
It has come to our attention that the names of GlaxoSmithKline or GSK or our group companies are being used in connection with bogus job advertisements or through unsolicited emails asking candidates to make some payments for recruitment opportunities and interview. Please be advised that such advertisements and emails are not connected with the GlaxoSmithKline group in any way.
GlaxoSmithKline does not charge any fee whatsoever for recruitment process. Please do not make payments to any individuals / entities in connection with recruitment with any GlaxoSmithKline (or GSK) group company at any worldwide location. Even if they claim that the money is refundable.
If you come across unsolicited email from email addresses not ending in gsk.com or job advertisements which state that you should contact an email address that does not end in “gsk.com”, you should disregard the same and inform us by emailing [email protected], so that we can confirm to you if the job is genuine.
💡 Quick Summary
Seeking a career-building opportunity? The Senior Lead Analyst position is now open for candidates interested in the Operations Executive Jobs sector. This role in Bengaluru offers a professional environment and growth potential.
Requirement Snapshot: Candidates should possess basic communication skills, a proactive attitude, and the ability to work in a team. Experience in Operations Executive Jobs is a plus.
