1+ months

Cybersecurity Vulnerability Management Associate

Pfizer
Collegeville, PA 19426
Apply Now
Apply on the Company Site
**ROLE SUMMARY**



The Global Information Security (GIS) organization delivers proactive cybersecurity defense for the global Pfizer organization. Our mission is to identify and drive out critical vulnerabilities across all of Pfizer's digital information assets ranging from the manufacturing floor, distribution centers, core data centers, enterprise managed clients and out to our patient facing solutions. We achieve this mission through a team of world-class talent that focuses on building a strong partnership to build security into all aspects of our business. Across all aspects of our organization we utilize top-tier technologies, industry leading best practices, advanced analytics and the promotion of a cybersecurity ownership and partnership culture across the company.



The **Cybersecurity Vulnerability Management Analyst** will be responsible for performing vulnerability scanning and assessments throughout the enterprise to protect the confidentiality, integrity and availability of information assets using a risk-based approach.



This position will ensure continuous vulnerability life cycle management with focus on analysis and validation of scan results, setting relative Pfizer risk ratings, providing remediation recommendations, tracking and reporting of vulnerabilities to improve the overall security posture of Pfizer, with a focus on manufacturing and distribution services.



**ROLE RESPONSIBILITIES**



+ Perform scheduled and/or on demand vulnerability scanning and assessments, including triage, reports and analysis

+ Analysis and validation of scan/assessment results communicated to stakeholders through reporting and result review meetings

+ Interacts directly with stakeholders to address issues related to remediation of vulnerability scanning and assessments.

+ Support activities that are focused on helping key stakeholders with the interpretation of their vulnerability results, providing guidance on the remediation of existing or emerging threats, and evaluating false positives

+ Configure, maintain, operate vulnerability management tools

+ Work with metrics to help analyze and prioritize vulnerabilities for remediation

+ Track remediation work consistently in order to advance improvements to program and closure of vulnerabilities

+ Apply data, good judgement and organization skills to develop short-term risk reduction plans and ongoing improvement of the scanning and vulnerability remediation processes while adjusting for different Pfizer environments (Manufacturing, Research, Enterprise, etc.)

+ Provide remediation support on any potential findings as needed

+ Able to successfully partner with other security, OT/ICS manufacturing and IT infrastructure professionals to assess potential impact from vulnerabilities and determine appropriate mitigating controls.

+ Able to display a growing understanding of business drivers and apply to daily work.

+ Work with industry standard tools, as well as learn new innovative solutions

+ Work with and influence key manufacturing partners, 3rd party service providers

+ Support penetration testing, red-team exercises and other risk assessments if applicable



**BASIC QUALIFICATIONS**



+ BS in Security and Risk Analysis, Information Assurance, and Cybersecurity, or related field.

+ 2+ years combined enterprise level IT and/or security experience.

+ Strong technical knowledge with skill to applyunderstanding of operating systems, network protocols, and applications development.

+ Technical working experience with security testing tools, port scanners, vulnerability scanners, and exploit frameworks (Or experience with similar security product infrastructures).

+ Knowledge of industry frameworks and best practices: CIS Critical Security Controls, Threat Modeling, OWASP, NIST 800 Series

+ Understanding of malware, emerging threats, attacks, and vulnerability management with a personal drive to continue learning

+ Experience with scripting or programming languages like Python, Ruby, or PowerShell

+ High level of integrity and strong ethical values

+ Excellent analytical and problem-solving skills. Able to apply ingenuity and think out of the box respecting different requirements from Pfizer environments (manufacturing, enterprise, servers, clients, etc.)

+ Strong written and verbal communication skills

+ Strong team player who collaborates well with others to solve problems



**PREFERRED QUALIFICATIONS**



+ Experience performing security assessments

+ Experience or knowledge of different work environments beyond enterprise managed client fleet (e.g. manufacturing floor, laboratories, data center servers, specialty services such as IoT, OT/ICS, facilities, physical security, etc.)



**Other Job Details:**



+ **Last Date to Apply for Job: May 15, 2020**

+ Additional Location Information: Collegeville, PA or Groton, CT

+ Eligible for Employee Referral Bonus

+ \#LI-PFE



**Sunshine Act**

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.



**EEO & Employment Eligibility**

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer.



Information & Business Tech
Posted: 2020-04-29 Expires: 2020-05-30
Sponsored by:
ADP Logo

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Cybersecurity Vulnerability Management Associate

Pfizer
Collegeville, PA 19426

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast