Senior Cyber Threat Hunter - Sandwich, United Kingdom - Pfizer

Pfizer

Verified Company

Sandwich, United Kingdom

2 weeks ago

Posted by:

Tom O´Connor

beBee Recruiter

Description

Job Description:
Senior Cyber Threat Hunter

ROLE SUMMARY

The Pfizer Global Information Security (GIS) organization safeguards critical information assets by employing world-class talent to proactively defend company interests.

Fostering a culture of colleague empowerment, we support Pfizer's mission of delivering breakthroughs that change patients' lives. GIS teams continuously work to detect threats faster, respond decisively, and make Pfizer harder to hack.

GIS leadership cultivates a positive, fun, welcoming, collaborative, flexible, and supportive work environment that lifts people up and helps them realize their full potential.

We achieve this through our company values of Courage, Excellence, Equity, and Joy, and a strong culture of enablement.

This is a great place to work where colleagues are provided with opportunities to grow, receive acknowledgement of their achievements, and are rewarded for hard work.

The Cyber Threat Hunting (CTH) team is accountable for identifying unrealized threats that may have evaded security controls and actively improving our security posture.

We use vast collections of data, a comprehensive toolset, and creative investigative techniques to identify & analyse potential threats. In collaboration with other GIS teams, we also contribute to the development and implementation new security controls and detections.

The incumbent will be a senior member of the Pfizer GIS Cyber Threat Hunting team, an individual contributor (technical) reporting to the Senior Manager of Cyber Threat Hunting & Automation Enablement in the GIS Cyber Threat Analysis & Response organization.

ROLE RESPONSIBILITIES

Maintain awareness of threats targeting pharmaceutical companies and related industries, such as manufacturing and healthcare.
Contribute to the identification of new, relevant threat hunting opportunities.
Contribute to the management of the team backlog.
Perform all work in accordance with documented policies & procedures.
Maintain current, accurate, and complete documentation for all phases of threat hunting exercises.
Independently perform accurate & complete analysis of cyber threat hunt findings using defensible & creative investigative techniques.
Leverage cyber threat hunt outcomes to develop detections & other security controls that proactively mitigate risk.
Conceptualize and develop solutions for moderately complex challenges encountered by the team.
Contribute to the identification, design, and/or development of new automation capabilities and process improvements that help mature the CTH program.
Provide training & support to junior members of the team.
Contribute to the ongoing development & improvement of the CTH program.
Perform all work in alignment with the Agile operating model established by the organization and adopted by the team.
Maintain awareness of team procedures, emerging threats, organization announcements, technical solution operating practices, and team communication by regularly reviewing information from various forms of documentation, threat intelligence, & business communication.

BASIC QUALIFICATIONS

BS in Information Security, Computer Sciences, Information Systems, Engineering, Sciences, or related field
Level of professional experience showcased through several years of employment in a corporate environment supporting information security, information technology, or related functions
Experience querying, correlating, & analyzing largescale datasets using tools such as Splunk, SQL, Python, and/or Microsoft Excel
Extensive experience performing analysis of activity on Microsoft Windows endpoints, including process, network, registry, and file system events, along with related forms of activity
Demonstrated history of being a creative thinker, curious, detailoriented, and collaborative
Ability to clearly communicate potentially complex information in a concise, accurate, and complete manner in both written and verbal form
Ability to communicate effectively in a team setting and establish a rapport with a diverse, globally dispersed group of information security professionals
Commitment to training, selfpaced study, and maintaining proficiency in the cybersecurity domain

PREFERRED QUALIFICATIONS

Level of experience consistent with several years of work in a Threat Hunting, Incident Response, or Security Operations functions using a variety of security tools for monitoring a largescale enterprise environment
Knowledge of information security principles and standards
Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model, and / or MITRE ATT&CK to model & analyze threat activity
Experience developing detections and alerts using SIEM, endpoint, and network solutions
Experience with one or more scripting languages, such as Python, Bash, or PowerShell
Experience analyzing event data from common cloud services
Experience analyzing Linux and/or Mac OS endpoint a