Senior Cyber Intrusion Analyst

The Pfizer Digital Global Information Security (GIS) team delivers three core capabilities for Pfizer - Intrusion Detection & Analysis, Threat Intelligence, and Forensics. GIS secures Pfizer’s most important information assets through world-class controls and protections. GIS enables Pfizer’s business results by making security an enabler and not a roadblock. GIS strives to broaden the cybersecurity ownership culture across the company through targeted awareness campaigns and empowering colleagues to be risk aware.

Cyber Intrusion Analysts will sit within the Intrusion Detection & Analysis team and respond to network security events to build a deep understanding of computer network attacks against Pfizer’s global enterprise. Cyber Intrusion Analysts will be expected to perform event correlation across large datasets, perform attack lifecycle analysis, develop remediation plans, implement proactive and reactive countermeasures, and create innovative solutions to the security issues that face the Pfizer environment.

POSITION RESPONSIBILITIES

Primary responsibilities include:

- Leveraging security data from internal sensors (IDS, Firewall, SIEM, Proxy, hosts) and external sources (Industry portals, threat intel feeds, etc) to identify high priority alerts and perform attack life-cycle analysis to develop/implement proactive mitigations.
- Utilize understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation to conduct analysis across forensic evidence, log data, compromised hosts, and network traffic
- Review security incidents and alerts; determine their severity and impact to the Pfizer enterprise along with detailed response actions
- Required to stay up to date with current vulnerabilities, attacks, and countermeasures, along with staying current with all security related news and developments.
- Drive process creation and improvement by developing internal Tactics, Techniques, and Procedures (TTPs) for analysis, establishing reporting criteria, structure, and operational reports
- Assist to mentor junior analysis and provide guidance on technical steps and incident response processes
- Demonstrate commitment to training, self-study and maintaining proficiency in the technical cyber security domain.

ORGANIZATIONAL RELATIONSHIPS
- The primary customer groups and key relationships this position will have interactions with include Global Privacy Office, Global Security, Corporate Legal, Human Resources, Compliance and Corporate Audit
- The primary support groups this position will have interactions with include the Pfizer Digital Messaging Team, the Identity Management Team, the Network Team, the Desktop Engineering Team, Border and Enterprise Network Services, Desktop Service and Support, Telecommunications, Document Management (SharePoint), and File and Print Services, Web Services and colleagues within Pfizer Digital Security Services.

EDUCATION
- BS in Computer Sciences, Information Security, Information Systems, Engineering, Sciences or related field.

EXPERIENCE
- 2-4 years of domain relevant experience preferred
- Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)
- Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
- Entry level knowledge of the Windows operating system, system utilities, admin functions
- Ability to interpret log data and draw analytical conclusions
- Experience with open source security analysis tools such as Wireshark, SNORT, Splunk, Kali Linux, Sift, etc.
- Experience with Computer programming and scripting languages such as C, Python, Java, etc.
- Ability to proactively solve complex problems both individually and as part of a team.
- Effective oral, written, and interpersonal communications skills are required as well as organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously.
- Able to work well with a team, including cross-unit and cross-divisional teams, and must be able to maintain poise and composure in difficult situations, with a professional attitude at all times.

Work Location Assignment: Flexible

Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.

Information & Business Tech

LI-PFE