1+ months

Cybersecurity Vulnerability Management Associate

Collegeville, PA 19426
Apply Now
Apply on the Company Site

The Global Information Security (GIS) organization delivers proactive cybersecurity defense for the global Pfizer organization. Our mission is to identify and drive out critical vulnerabilities across all of Pfizer's digital information assets ranging from the manufacturing floor, distribution centers, core data centers, enterprise managed clients and out to our patient facing solutions. We achieve this mission through a team of world-class talent that focuses on building a strong partnership to build security into all aspects of our business. Across all aspects of our organization we utilize top-tier technologies, industry leading best practices, advanced analytics and the promotion of a cybersecurity ownership and partnership culture across the company.

The **Cybersecurity Vulnerability Management Analyst** will be responsible for performing vulnerability scanning and assessments throughout the enterprise to protect the confidentiality, integrity and availability of information assets guided by using a risk-based approach.

This position will ensure continuous vulnerability life cycle management with focus on analysis and validation of scan results, setting relative Pfizer risk ratings, providing remediation recommendations, tracking and reporting of vulnerabilities to improve the overall security posture of Pfizer.


+ Perform scheduled and/or on demand vulnerability scanning and assessments, including triage, reports and analysis

+ Analysis and validation of scan/assessment results communicated to stakeholders through reporting and result review meetings

+ Interacts directly with stakeholders to address issues related to remediation of vulnerability scanning and assessments.

+ Support activities that are focused on helping key stakeholders with the interpretation of their vulnerability results, providing guidance on the remediation of existing or emerging threats, and evaluating false positives

+ Configure, maintain, operate vulnerability management tools

+ Work with metrics to help analyze and prioritize vulnerabilities for remediation

+ Track remediation work consistently in order to advance improvements to program and closure of vulnerabilities

+ Provide remediation support on any potential findings as needed

+ Able to successfully partner with other security, manufacturing and IT infrastructure professionals to assess potential impact from vulnerabilities and determine appropriate mitigating controls.

+ Work with industry standard tools as well as learn new innovative solutions

+ Work across teams and with 3rd party service providers

+ Support penetration testing and red-team exercises if applicable


+ BS in Security and Risk Analysis, Information Assurance, and Cybersecurity, or related field.

+ Entry level experience in enterprise environment (e.g. Internship, etc. - exposure to managed clients and some specialty clients like manufacturing preferred)

+ Entry level understanding of operating systems, network protocols, and applications development.

+ Foundational Understanding of security testing tools, port scanners, vulnerability scanners, and exploit frameworks.

+ Basic understandingof industry frameworks and best practices: CIS Critical Security Controls, Threat Modeling, OWASP, NIST 800 Series

+ Understanding of malware, emerging threats, attacks, and vulnerability management with a personal drive to continue learning

+ Exposure to scripting or programming languages like Python, Ruby, or PowerShell

+ High level of integrity and strong ethical values

+ Excellent analytical and problem-solving skills.

+ Strong written and verbal communication skills

+ Strong team player who collaborates well with others to solve problems

**Other Job Details:**

+ **Last Date to Apply for Job: May 15, 2020**

+ Additional Location Information: Collegeville, PA or Groton, CT

+ Eligible for Employee Referral Bonus

+ \#LI-PFE

**Sunshine Act**

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.

**EEO & Employment Eligibility**

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer.

Information & Business Tech
Posted: 2020-04-29 Expires: 2020-08-02
Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cybersecurity Vulnerability Management Associate

Collegeville, PA 19426

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast