Use Your Power for Purpose

At Pfizer, technology impacts everything we do. Our digital and ‘data first’ strategy focuses on implementing impactful and innovative technology solutions across all functions from research to manufacturing. Your work will directly contribute to improving patients' lives by ensuring the security and integrity of our digital assets. Whether you are digitizing drug discovery and development, identifying solutions, or making our work easier and faster, you will be making a difference to countless lives.

ROLE SUMMARY

The Global Information Security (GIS) organization delivers the following capabilities for Pfizer:
Business application platforms supporting Pfizer’s enterprise application and critical business processes.
Infrastructure allowing business traffic to travel where it needs to go, internally and externally, along with the appropriate access controls.

GIS secures Pfizer's most important information assets through world class controls and protections and enables Pfizer's business results by making security an enabler and not a roadblock to achieving business results.

The Cyber Threat Analysis & Response (CTAR) team at Pfizer delivers three core capabilities for the enterprise – Intrusion Detection & Analysis, Cybersecurity Automation, and Security Policy Architecture. CTAR is part of a broader security organization at Pfizer called Global Information Security (GIS). The GIS team secures Pfizer’s most important information assets through world class talent, top security controls and an empowered culture that serves to enable Pfizer’s mission of delivering breakthroughs that change patients’ lives.

The Principal Cyber Intrusion Analyst will report into the Intrusion Detection & Analysis team and will focus on responding to network security events and building a deep understanding of cybersecurity attacks against Pfizer.
The Principal Cyber Intrusion Analyst will be expected to lead event correlation across large datasets, perform and drive complete attack lifecycle analysis, develop remediation plans, implement proactive and reactive countermeasures, and create innovative solutions to the security issues that face the Pfizer environment. The Principal Cyber Intrusion Analyst will have demonstrated aptitude to rapidly apply expertise in a complex business and technical environment with previous experience in investigations, analysis, and incident response. Strong business communication and project management skills are required to maintain effective internal and customer relationships. In addition, this position is also responsible for developing appropriate security incident response actions and monitoring effectiveness metrics.

ROLE RESPONSIBILITIES

Working closely with the IDA leaders in APAC, EMEA & AMER regions, develop, organize, and maintain a 24x7 incident response function composed of qualified personnel (colleague & contractor staff), properly trained to leverage security data from internal sensors (IDS, routers, SIEMs, firewalls, hosts) and external sources (industry portals, threat intel feeds, etc.) to identify high priority alerts and perform attack life-cycle analysis to develop/implement proactive mitigations.
Drive process improvement and develop internal procedures for intrusion analysis, reporting criteria, metrics, and operational rhythms
In-depth understanding and experience of Cyber Threat Detection and Incident Response best practice
Proven ability to quickly and accurately assess risk, based on threat alerting, intel and forensic analysis
Proven ability to use analysis skills and risk assessment to form fast, accurate and informed decisions on response actions and drive efforts to completion
Utilize understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation to conduct analysis across forensic evidence, log data, compromised hosts, and network traffic
Review security incidents and alerts; determine their severity and impact to the Pfizer enterprise along with detailed response actions
Drive incident response, which may include implementation of containment, protection, and remediation activities.
Escalate and coordinate security incidents with appropriate stakeholders.
Contribute to the setting of long-term strategic and technical goals for the Cyber Intrusion Analysis function and identify tactical steps necessary to achieve
Required to stay up to date with current vulnerabilities, attacks, and countermeasures, along with staying current with all security related news and developments.
Demonstrated commitment to training, self-study and maintaining proficiency in the technical cyber security domain.
The Principal Cyber Intrusion Analyst must be able to work well with a team, including cross-unit and cross-divisional teams, and must be able to maintain poise and composure in difficult situations, with a professional attitude at all times.
Demonstrated ability to be able to lead a project or cross-unit team.

BASIC QUALIFICATIONS

BS in Computer Sciences, Information Security, Information Systems, Engineering, Sciences, or related field.
4 - 6 years of experience
Advanced level understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth, and common security elements.
Advanced level understanding of the life cycle of network threats, attacks, attack vectors and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures (TTPs)
Advanced level knowledge of the Windows operating system, system utilities, admin functions
Significant experience with open-source security analysis tools such as Wireshark, SNORT, Splunk, Kali Linux, Sift, REMnux etc.
Experience with computer programming and scripting languages such as C, Python, Java, etc.
Ability to proactively solve complex problems both individually and as part of a team
Leadership skills with the ability to prioritize and execute with minimal direction or oversight
Outstanding communication skills, including the ability to write and verbally articulate industry terminology to interact at a technical level, management level and senior executive level
Organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously
Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

PHYSICAL/MENTAL REQUIREMENTS

Desk job, no specific physical / mental requirements

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

Standard work schedule & occasional travel (less than 5%).

Work Location Assignment: Hybrid

Purpose

Breakthroughs that change patients' lives

At Pfizer we are a patient-centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy

One bold way we are achieving our purpose is through our company-wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.

Flexibility

We aim to create a trusting, flexible workplace culture which encourages employees to achieve work-life harmony, attracts talent and enables everyone to be their best working self. Let’s start the conversation!

Equal Employment Opportunity

We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms – allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.

DisAbility Confident

We are proud to be a Disability Confident Employer and we encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments necessary to support your application and future career. Our mission is unleashing the power of our people, especially those with unique superpowers. Your journey with Pfizer starts here!

Information & Business Tech