Cyber Intrusion Analyst at Pfizer – Graduate Vacancy

ROLE SUMMARY
The Pfizer Digital Global Information Security (GIS) team delivers three core capabilities for Pfizer – Intrusion Detection & Analysis, Threat Intelligence, and Forensics. GIS secures Pfizer’s most important information assets through world-class controls and protections. GIS enables Pfizer’s business results by making security an enabler and not a roadblock. GIS strives to broaden the cybersecurity ownership culture across the company through targeted awareness campaigns and empowering colleagues to be risk aware.

Cyber Intrusion Analysts will respond to network security events to build a deep understanding of computer network operations (CNO) against Pfizer. Additionally, Cyber Intrusion Analysts will be expected to perform event correlation across large datasets, perform attack lifecycle analysis, develop remediation plans, implement proactive and reactive countermeasures, and create innovative solutions to the security issues that face the Pfizer environment.

ROLE RESPONSIBILITIES
Leverage security data from internal sensors (IDS, routers, SIMS, firewalls, hosts) and external sources (industry portals, threat intel feeds, etc.) to identify high-priority alerts and perform attack life-cycle analysis to develop and implement proactive mitigations.
Review security incidents; determine their severity and impact
Demonstrated understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
Demonstrated understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs).
Forensic analysis; analysis of compromised machines and analysis of network traffic and log data.
Drive process creation and improvement and develop internal Tactics, Techniques, and Procedures (TTPs) for analysis, establishing reporting criteria, structure, and operational reports
Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
Effective oral, written, and interpersonal communications skills are required as well as organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously.
The analyst must be able to work well with a team, including cross-unit and cross-divisional teams, and must be able to maintain poise and composure in difficult situations, with a professional attitude at all times.
Demonstrated ability to lead a project or cross-unit team.

QUALIFICATIONS
BS in Computer Sciences, Information Security, Information Systems, Engineering, Sciences or related field.
Entry level understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements.
Entry level knowledge of the Windows operating system, system utilities, and admin functions.
Participation in cyber security challenges (red team / blue team, capture the flag, etc.)
Ability to interpret log data and draw analytical conclusions
Entry experience with open source security analysis tools such as Wireshark, SNORT, Splunk, Kali Linux, Sift, REMnux, etc.
Entry experience with computer programming and scripting languages such as C, Python, Java, etc.
Entry level understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques and procedures (TTPs)
Ability to proactively solve complex problems both individually and as part of a team
Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
Effective oral, written, and interpersonal communications skills are required as well as organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously.

Closing date is 16th February 2020