Senior Cyber Threat Hunter - #7544260

myGwork - LGBTQ+ Business Community

Fecha: hace 1 semana
ciudad: Escazú, San José
Tipo de contrato: Tiempo completo
This inclusive employer is a member of myGwork – the largest global platform for the LGBTQ+ business community.

Role Summary

The Pfizer Global Information Security (GIS) organization protects critical information assets by employing world-class talent, implementing top security controls, providing outstanding leadership, and maintaining a culture of colleague empowerment that supports Pfizer's mission of delivering breakthroughs that change patients' lives. GIS teams continuously work to detect threats faster, respond decisively, and make Pfizer harder to hack.

The Cyber Threat Hunting (CTH) team is responsible for identifying unrealized threats to the company that may have evaded security controls and driving improvements to our security posture. This team uses vast collections of data, a comprehensive toolset, and creative investigative techniques to identify & analyze potential threats. In collaboration with other GIS teams, the CTH team also contributes to the development and implementation new security controls and detections.

The incumbent will be a senior member of the Pfizer GIS Cyber Threat Hunting team. They will leverage an advanced level of knowledge & experience to perform threat hunts using a dynamic collection of tools, data, and processes. They will assist with the development of new threat hunting exercises and management of the team backlog. The incumbent will contribute to the development of new detections and alerts that identify adversary activity. They will also contribute to - and may lead - various team projects and perform additional duties related to the CTH mission.

This is an exciting opportunity that is ideal for candidates who are motivated, curious, creative, team-oriented, organized, intelligent, and embrace a culture of life-long learning. The incumbent will have a chance to take their work to the next level, explore new technologies, apply experience, grow their skillset, and regularly exercise critical thinking skills. This is a unique role that provides colleagues with the freedom to explore, ample amounts of support, best-of-breed tools, and opportunities for great team collaboration.

GIS leadership strives to maintain a positive, fun, welcoming, collaborative, flexible, and supportive culture of enablement that lifts people up and helps them realize their full potential. This is achieved by maintaining an ongoing focus on our company values - Courage, Excellence, Equity, and Joy - and by maintaining a strong culture of enablement. This is a great place to work where colleagues are provided with opportunities to grow, receive acknowledgement of their achievements, and are rewarded for hard work.

This is an individual contributor technical role that reports to the Senior Manager of Cyber Threat Hunting & Automation Enablement within the GIS Cyber Threat Analysis & Response organization. The position involves engagement with cross-functional colleagues and external business partners.

Given the challenges associated with filling specialized cybersecurity roles, the company and team are open to training senior technical professionals who have the skills and experience required to fulfill the duties of this position. Candidates meeting the core job requirements are encouraged to apply and will be considered.

Role Responsibilities

  • Maintain awareness of threats targeting pharmaceutical companies and related industries, such as manufacturing and healthcare.
  • Contribute to the identification of new, relevant threat hunting opportunities.
  • Apply advanced technical knowledge and experience to design & execute cyber threat hunting exercises in an efficient, accurate, and complete manner.
  • Contribute to the management of the team backlog.
  • Perform all work in accordance with documented policies & procedures.
  • Maintain current, accurate, and complete documentation for all phases of threat hunting exercises.
  • Independently perform accurate & complete analysis of cyber threat hunt findings using defensible & creative investigative techniques.
  • Leverage cyber threat hunt outcomes to develop detections & other security controls that proactively mitigate risk.
  • Conceptualize and develop solutions for moderately complex challenges encountered by the team.
  • Contribute to the identification, design, and/or development of new automation capabilities and process improvements that help mature the CTH program.
  • Develop the knowledge and experience of the Pfizer environment to serve as a subject matter expert on the available logs and analysis techniques.
  • Provide training & support to junior members of the team.
  • Contribute to the ongoing development & improvement of the CTH program.
  • Exercise sound judgement and decision-making by applying expert-level knowledge and experience.
  • Perform all work in alignmentwith the Agile operating model established by the organization and adopted by the team.
  • Maintain awareness of team procedures, emerging threats, organization announcements, technical solution operating practices, and team communication by regularly reviewing information from various forms of documentation, threat intelligence, & business communication.

Basic Qualifications

  • BS in Information Security, Computer Sciences, Information Systems, Engineering, Sciences, or related field
  • Level of professional experience consistent with 3+ years of employment in a corporate environment supporting information security, information technology, or related functions
  • Experience querying, correlating, & analyzing large-scale datasets using tools such as Splunk, SQL, Python, and/or Microsoft Excel
  • Experience analyzing data from network solutions (firewall, proxy, IPS/IDS, network security appliances, VPN, etc.), web applications, business information systems, endpoint security solutions, and other related technologies
  • Extensive experience performing analysis of activity on Microsoft Windows endpoints, including process, network, registry, and file system events, along with related forms of activity
  • Strong understanding of TCP/IP, common network protocols, OSI model, traffic flow analysis, and common network services (DHCP, DNS, web services, email, database, etc.)
  • Ability to analyze and disposition various forms of endpoint, network, application, and / or service related collections of activity in a largely independent manner
  • Demonstrated history of being a creative thinker, curious, detail-oriented, and collaborative
  • Ability to clearly communicate potentially complex information in a concise, accurate, and complete manner in both written and verbal form
  • Ability to communicate effectively in a team setting and establish a rapport with a diverse, globally dispersed group of information security professionals
  • Commitment to training, self-paced study, and maintaining proficiency in the cybersecurity domain

Preferred Qualifications

  • Level of experience consistent with 3+ years of work in a Threat Hunting, Incident Response, or Security Operations functions using a variety of security tools for monitoring a large-scale enterprise environment
  • Knowledge of information security principles and standards
  • Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model, and / or MITRE ATT&CK to model & analyze threat activity
  • Experience developing detections and alerts using SIEM, endpoint, and network solutions
  • Experience with one or more scripting languages, such as Python, Bash, or PowerShell
  • Experience analyzing event data from common cloud services
  • Experience analyzing Linux and/or Mac OS endpoint activity
  • Security certifications such as GCIA, GCIH, GCTI, CEH, EnCE, CCE, Security+, CISSP or similar
  • Demonstrated experience working on an Agile team with an emphasis on collaboration, adaptability, prioritization, & proactive problem-solving that yields meaningful outcomes

Physical/Mental Requirements

  • Ability to perform complex data analysis

Work Location Assignment: Flexible

EEO (Equal Employment Opportunity) & Employment Eligibility

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, or disability.

Information & Business Tech
Publicar un currículum

Empleos similares

R2R Sr Accountant – Inventory COE

myGwork - LGBTQ+ Business Community, Escazú, San José
hace 3 días
This inclusive employer is a member of myGwork – the largest global platform for the LGBTQ+ business community. Why Patients Need You Your in-depth knowledge and financial skills will keep our products in production and our innovators innovating. Whether you...
myGwork - LGBTQ+ Business Community

Associate Project Manager

Elite Technology, Escazú, San José
hace 4 días
Elite Technology is a leading, independent technology company that helps law firms drive profitability through improved operational effectiveness, increased efficiency, and greater visibility across their business. Our cutting-edge digital financial management and business operations solutions drive success for firms around...
Elite Technology

Cocinero (a) de Línea - Terrazas, Lindora.

AR Holdings, Escazú, San José
hace 2 semanas
AR Holdings busca personal para el puesto de Cocinero (a) de Linea, para unirse a nuestro equipo de trabajo ubicado en Escazú, que se encargue de cumplir con los estándares de la marca, mediante el cumplimiento las políticas y procedimientos...
AR Holdings