Cyber Intrusion Analyst

ROLE SUMMARY

The Cyber Threat Analysis & Response (CTAR) organization at Pfizer delivers three core capabilities for the enterprise – Intrusion Detection & Analysis, Cybersecurity Automation, and Security Policy Architecture. CTAR is part of a broader security organization at Pfizer called Global Information Security (GIS).  GIS secures Pfizer’s most important information assets through world-class controls and protections.  GIS enables Pfizer’s business results by making security an enabler and not a roadblock.

The Cyber Intrusion Analyst will report into the Intrusion Detection & Analysis team and will focus on responding to network security events and building a deep understanding of cybersecurity attacks against Pfizer.  The Cyber Intrusion Analyst will be expected to lead event correlation across large datasets, perform and drive complete attack lifecycle analysis, develop remediation plans, implement proactive and reactive countermeasures, and create innovative solutions to the security issues that face the Pfizer environment.

A demonstrated aptitude to rapidly apply expertise in a complex business and technical environment with previous experience in investigations, analysis, and incident response.  Strong business communication and project management skills are required to maintain effective internal and customer relationships.

ROLE RESPONSIBILITIES

• Leveraging security data from cybersecurity sensors (IDS, routers, SIEM, firewalls, hosts) and external sources (Industry portals, threat intel feeds, etc.) to identify high priority alerts and perform attack life-cycle analysis to develop/implement proactive mitigations.

• Investigate cybersecurity incidents to be able to determine impact, understanding of threat, and recommended mitigation/remediation

• Forensic analysis; analysis of compromised machines and analysis of network traffic and log data.

• Malware analysis

• Signature/alert development to help catch threats to Pfizer’s computers and network (e.g. Yara, SNORT, etc)

• Commitment to training, self-study and maintaining proficiency in the technical cyber security domain.

• The analyst must be able to work well with a team, including cross-unit and cross-divisional teams, and must be able to maintain poise and composure in difficult situations, with a professional attitude at all times.

QUALIFICATIONS

• BS in Computer Sciences, Information Security, Information Systems, Engineering, Sciences or related field.

• 0-2 years of experience

• Entry level understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.

• Entry level understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)

• Entry level knowledge of the Windows operating system, system utilities, admin functions

• Participation in cyber security challenges (red team / blue team; capture the flag; etc…)

• Ability to interpret log data and draw analytical conclusions

• Entry experience with open source security analysis tools such as Wireshark, SNORT, Splunk, Kali Linux, Sift, REMnux etc..

• Entry experience with Computer programming and scripting languages such as C, Python, Java, etc..

• Ability to proactively solve complex problems both individually and as part of a team

• Effective oral, written, and interpersonal communications skills are required as well as organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously.

  

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

Standard work schedule & occasional travel required (less than 5%).

Other Job Details:

• Last Date to Apply for Job: October 1st 2021

• Eligible for Employee Referral Bonus: Yes

Pfizer requires all U.S. new hires to be fully vaccinated for COVID-19 prior to the first date of employment.  As required by applicable law, Pfizer will consider requests for Reasonable Accommodations.

Sunshine Act

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations.  These laws and regulations require Pfizer to provide government agencies with information such as a health care provider’s name, address and the type of payments or other value received, generally for public disclosure.  Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act.  Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government.  If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.

EEO & Employment Eligibility

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status.  Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA.  Pfizer is an E-Verify employer.

Information & Business Tech