Cybersecurity Assessment Manager

Pfizer Collegeville , PA 19426

Posted 5 months ago

ROLE SUMMARY

The Global Information Security Business Technology (GIS-BT) team delivers three core capabilities for Pfizer. The team secures the most important information assets through world-class protective controls, promotes a cybersecurity ownership culture across the company through targeted awareness education to empower colleagues to make informed risk decisions, and partners with business leaders to enable improved outcomes through the effective application of technologies that simplify user experience and reduce risk.

This position will perform the role senior security assessments and attack and penetration specialist within BT Global Information Security. The analyst will be expected to utilize their technical and creative skills for threat and risk analysis as well as testing various applications, platforms, and solutions for company projects and responding to incidents. The position will work with matrix groups and may work on multiple projects at a given time. The ability to work with the teams independently is critical to delivering timely outcomes.

ROLE RESPONSIBILITIES

  • Performing and/or coordinating manual Attack and Penetration (A&P) testing, utilizing and leveraging the latest technologies in this role (ie black web applications, mobile applications, various platforms, web services, databases, overall solutions)

  • Perform security threat modeling and assessments on various solutions in addition to manual A&P testing.

  • Lead and perform red team assessments

  • Lead and perform technical Critical Asset Review Evaluations

  • Researching new security threats, vulnerabilities and exploit techniques

  • Respond to new security threats and help implement new requirements as needed

  • Managing and maintaining security testing frameworks

  • Create or update new test cases and documentation for red teaming, CARE, and security testing for the security testing team

  • Develop and Lead training for technical testers and development teams for industry updates and technical changes.

  • Identify appropriate remediation steps, working with business partners to ensure that the threats that have been identified are correctly remediated and lead or co-lead the closure of the exposure while acquiring business expertise.

  • Identify gaps in analytical data and recommend additional data gathering to support or eliminate potential situations. Work collaboratively with forensic analysts and threat intelligence specialists to gather such data.

  • Demonstrated ability to work independently on multiple projects simultaneously with various project scopes.

  • Makes decisions guided by policies in non-standard situations

  • Complete work accurately and within the deadlines required.

  • Manages and provide technical guidance and oversight for technical resources

  • Utilize security related tools including A&P tools, Security application development tools, and other pertinent tools to establish detection of vulnerabilities, and subsequently create the appropriate reporting mechanisms and proactively recommend upgrades or special use tool recommendations.

  • Determining and testing upgrades to security technologies within scope

  • Work in a team environment while maintaining confidentiality of investigation information.

  • Provide mentoring to newer team members.

  • Deep knowledge of working with OWASP concepts for various solutions

BASIC QUALIFICATIONS

  • Bachelor's degree, preferably in a technical field

  • 5+ years' experience managing security operational services

  • Strong understanding of IT operations and service support processes, ITILv3 certification preferred

  • 3+ years' experience in pharmaceutical or other regulated industry

  • Ethical Hacker Certification or Similar

  • Security certifications are desired but not required (CISSP, GIAC, CEH, MSCE Plus Security).High level of integrity and strong ethical values

  • At least 4 years of demonstrated manual security testing

PREFERRED QUALIFICATIONS

  • Ability to discreetly conduct security investigations while maintaining privacy of the effort

  • Strong analytical capabilities, with ability to reliably infer information and interpolate results from potentially incomplete data.

  • Effective and efficient written and oral communication skills, including a demonstrated ability to work effectively with managers/directors

  • Effectively work on multiple priorities in a dynamic environment

  • Ability to work both independently and in a team-oriented, collaborative environment

  • Familiarity with data protection techniques including encryption, backup and archiving.

  • Strong interpersonal, communication, influencing, analytical and problem-solving skills

  • Familiarity with forensic practices

  • Familiarity with protection of Personally Identifiable Information (PII)

  • Familiarity with PCI requirements

  • Familiarity with medical devices

  • Interacts with customer within Corporate IT and other Pfizer business units. Adept at understanding customer challenges, navigating from problem to resolution and communicating process and resolution effectively both verbally and in writing. Quickly escalates customer satisfaction concerns to management, but does so with recommended approaches to addressing the concerns.

  • Proficient verbal communication skills

  • Proficient writing and presentation development skills

  • Experience with Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, nmap, Nessus)

  • Experience in security configuration and operation of UNIX (Solaris), Linux, Android, iOS and Windows systems

  • Familiarity with TCP/IP protocols (Wi-Fi, telnet, FTP, HTTP/S, NFS, SMTP, SNMP, NetBIOS) and ability to analyze packet captures.

  • Experience programming or scripting in UNIX, Windows, Android or iOS platforms, and wearables

Sunshine Act

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.

EEO & Employment Eligibility

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer.

Other Job Details:

  • Last Date to Apply for Job: 3/25/2019
  • Additional Location Information: Collegeville, PA or Groton, CT
  • Eligible for Employee Referral Bonus

N (Other) (United States of America)

Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Construction Manager

Lennar

Posted 3 days ago

VIEW JOBS 7/13/2019 12:00:00 AM 2019-10-11T00:00 Job Description Overview Summary of Position Requirements Responsible for managing and overseeing construction of homes in an assigned community, under the supervision of the Senior Management to ensure cost, schedule and quality standards are met. Monitor reports, assist in pre-construction and production of homes, contact and supervise trade partner's work, and maintain the overall community job sites for cleanliness. #CB Responsibilities Primary Duties and Responsibilities * Oversee the scheduling and supervision of daily business partner activities in accordance with job schedule and business partner scopes of work. * Maintain a current working knowledge of all applicable building codes and OSHA job safety regulations. * Analyze proper construction techniques. * Maintain all job tasks and order alerts within Build Pro daily. * Assure job site cleanliness and safety. * Inspect all work daily, using the Lennar Quality by Stage checklist as a guide. * Be familiar with each trade partners "scope of work" and assure that properly completed work is certified for payment only. * Work together with Regional Operations Center ROC to improve budgets, cost variances, and plan improvements, and systems. * Assure that records of all changes on the job, such as engineering reports, change orders and/or purchase orders are properly maintained. * Inspect, Schedule, and Maintain the division's implementation of the LEMS including the Storm Water, * Air Quality, Endangered Species, Environmental Site Assessment and Wetlands modules. * Assist the REM with SWPPP implementation audits, documentation of associated corrective actions, and reporting of results. * Strive to reduce liability of regulatory notices of violation and subsequent future litigation, penalties and fines. * Recruit, actively communicate with and train business partners on safety, quality requirements and payment procedures, to assure a solid vendor base. * Be involved personally and proactively with any actual or perceived vendor scheduling, communication or payment related issues. * Conduct Homebuyer Demonstrations. * Secure the Company's property and protect it from weather, theft, vandalism and other damage. * Ability to understand the manufacturer's recommendations for use and application of their products. Qualifications Education and Experience Requirements * High School Diploma or equivalent required * Some college preferred * Minimum 4 years experience in residential construction management required * Relevant Management experience desired * Must possess organization skills by keeping daily schedules current; maintaining a timely and accurate flow of paperwork * Possess good time management skills. For example; be able to handle a wide variety of tasks and demands in a timely manner * Must possess good interpersonal skills * Associate is prohibited from performing manual repairs * Computer literacy and proficient in MS Office products (Word and Excel) * Valid Driver's License with good driving record * Valid Auto Insurance Coverage * Knowledge of practices and procedures of construction and building codes * Ability to read and interpret blue prints Lennar Collegeville PA

Cybersecurity Assessment Manager

Pfizer