Analyst, Digital Investigations

GSK

About The Position

GSK remains committed to achieving bold commercial ambitions for the future. By 2031, we aim to deliver £40 billion in annual sales, leveraging our existing strong performance momentum to significantly increase our positive impact on the health of billions of patients globally. Our Ahead Together strategy is centred on early intervention to prevent and alter the course of disease, thereby protecting people and supporting healthcare systems. Our diverse portfolio consists of vaccines, specialty medicines, and general medicines. Through continuous innovation and a dedicated focus on scientific and technical excellence, we strive to develop and launch new, groundbreaking treatments that address critical health challenges. You will join GSK’s digital investigations team to help detect, investigate, and resolve cybersecurity incidents. You will work with colleagues across cyber, IT, and business teams to turn data and signals into clear, timely decisions. We value curiosity, clear communication, and a practical approach to problem solving. This role offers strong learning and career growth, and a chance to contribute to work that supports GSK’s mission of uniting science, technology and talent to get ahead of disease together.

Requirements

Bachelor’s degree in computer science, information systems, cybersecurity, or equivalent practical experience.
2+ years’ experience working in general field of investigations, cyber security, information technology, investigative governance, or case management, or other requisite skills.
Experience with security tools such as SIEM (security information and event management), endpoint detection and response, or log analysis platforms.
Knowledge of operating systems (Windows, macOS, Linux) and basic network concepts.
Investigative mindset with attention to detail and accuracy.

Nice To Haves

Experience using scripting or query languages for data analysis (for example Python, PowerShell, or SQL).
Clear written and verbal communication skills; able to prepare concise summaries and maintain professional stakeholder interactions.
Familiarity with digital forensics concepts, evidence handling, and basic malware analysis.
Knowledge of threat intelligence practices and how to operationalize indicators of compromise.
Professional security certifications such as GCIH, GCIA, CEH, or equivalent.
Experience working in large, global, or regulated environments.

Responsibilities

Manage daily intake of concerns from internal and external reporting channels.
Escalate incidents to senior investigators or other DFIR/internal stakeholders as needed.
Employ fact finding techniques such as systems research, coordinating and/or conducting conversations with appropriate stakeholders.
Submit requests to obtain specific information to identify incident cause, scope, and potential impact.
Analyze and interpret available information and compiled facts to determine any corrective and preventative actions that may be required.
Facilitate appropriate notification based on corrective and preventative actions, to business partners such as Privacy, Forensics, Cyber Security Incident Response, Insider Threat, Human Resources, Legal, Corporate Investigations, etc.
Ensure all research and compiled facts are properly documented within an incident management system.
Monitor service dashboard and identify new system controls and processes.
Work closely within current written standards and SOP’s and update and maintain those existing and new standards.
Deliver regular information reports as needed and meet Service Level Agreements.
Provide recommendations for continuous improvement opportunities based on data.