ROLE SUMMARY

The Global Information Security (GIS) organization delivers proactive cyber defense for the global Pfizer enterprise.  Our mission is to secure all of Pfizer’s information assets ranging from the manufacturing floor to the core data centers and out to the patient facing solutions. We achieve this mission through a team of world-class talent, utilizing top-tier technologies, advanced analytics and the promotion of a cybersecurity ownership culture across the company.

The Cyber Threat Intelligence team works with internal and external partners to reduce risk to Pfizer and the healthcare industry. The team provides timely situational awareness, conducts deep analysis of threats and translates indicators of threat into actionable information to reduce impact to Pfizer. Stakeholders include cybersecurity response teams, internal lines of business, senior leadership, external organizations such as law enforcement, and industry peers and intelligence sharing partners.

The Cyber Threat Intelligence Analyst is responsible for conducting in-depth research, documentation, and intelligence analysis of key cyber threats, including threat actor tactics, techniques, and procedures (TTPs), to develop a comprehensive picture of the cyber threat landscape, improve Pfizer’s security posture, and reduce risk. This includes research via the use of various sources; development of historical, trend, and link analysis; security posture improvement actions; and written and oral reporting to provide actionable intelligence for stakeholders. The analyst will also work to proactively research emerging threats and establish trends and patterns among existing attacks to help predict future risks. The analyst will maintain familiarity with ongoing geopolitical issues that may impact the cyber threat landscape. The analyst will be highly motivated to continually grow and expand their existing technical and intelligence analysis skillset to adapt to the ever-changing threat landscape.

The position is an individual contributor role that will engage with cross functional internal colleagues and external partners and reports to the Senior Manager, Cyber Threat Intelligence within the Pfizer Digital Global Information Security organization. This is a hybrid position that requires 2 to 3 days in the office per week.

ROLE RESPONSIBILITIES

• Acquire and maintain knowledge of the cyber threat landscape from open source and privately produced intelligence reports to include advanced threat actors, techniques, capabilities and targets relevant to industry. 

• Perform collection and analysis of threat data and intelligence to support stakeholder priority intelligence requirements (PIRs).

• Perform technical indicator analysis of cyber threats through in-depth pivoting using internally developed and external tools and services.

• Conduct in-depth intrusion analysis of cyber threats utilizing frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK.

• Develop strategic, tactical and operational intelligence products for stakeholder dissemination.

• Participate in team projects centered around the cyber threat intelligence mission.

• Present knowledge and intelligence related to cyber threats at both a technical and management level to help shape both tactical and strategic priorities.

• Generate tactical detections and mitigations to support the identification of cyber threats.

• Provide intelligence support during incident response engagements.

• Interface with external sharing communities through the sharing of timely and relevant cyber threats.

• Perform TTP analysis, track threat actor TTP changes, and deploy proactive behavioral based security posture improvement measures.

• Identify and address emerging threats relevant to Pfizer.

• Review triage and incidents for trend analysis.

• Responsible for researching, collecting, assessing, cataloguing, and adding context to cyber threats to convey urgency, severity, and credibility.

• Cultivate and assess new sources of threat information and intelligence for relevant cyber threats.

• Disrupt threat actor activity through proactive analysis, hunting for exposures or related incidents, maximizing use of existing resources, and infrastructure tracking, along with behavioral and indicator based security posture improvement actions.

• Collaboration with CTI Team members, internal teams and departments, and appropriate business partners to address the cyber threat landscape.

• Escalate issues to management in a timely manner with appropriate information regarding risk and impact.

• Exercise independent judgement in methods, techniques, and evaluation criteria for obtaining results.

BASIC QUALIFICATIONS

• Bachelor’s degree with 2+ years of professional experience in a corporate environment; OR Associates degree with 4+ years’ professional experience in a corporate environment; OR High School Diploma or equivalent with 6+ years’ professional experience in a corporate environment.

• Experience in understanding the techniques of Computer Network Exploitation and Defense (CNE / CND).

• Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model and MITRE ATT&CK.

• Experience in information analysis and the intelligence lifecycle.

• Experience developing and curating intelligence related to the cyber threat landscape such as threat actors, malware, vulnerabilities and tactics, techniques and procedures.

• Experience with translating threat intelligence from OSINT and private intelligence reports into custom detections and mitigations across multiple security technologies.

• Experience performing data analysis using Splunk and the creation of advanced queries, alerts, and reports.

• Experience performing technical indicator and TTP analysis using both open and closed source intelligence sources.

• Ability to provide concise and accurate communications (both verbal and written) in disseminated intelligence products.

• Ability to communicate and establish rapport with a global team of incident responders and intelligence analysts.

• Commitment to training, self-study and maintaining proficiency in the cyber threat intelligence domain.

PREFERRED QUALIFICATIONS

• BS in Information Security, Computer Sciences, Information Security, Information Systems, Engineering, Sciences, International Studies, STEM or related field with 2+ years of professional experience in a corporate environment; OR Associates degree in Information Security, Computer Sciences, Information Security, Information Systems, Engineering, Sciences, International Studies, STEM or related field with 4+ years’ professional experience in a corporate environment; OR High School Diploma or equivalent with 6+ years’ professional experience in a corporate environment.

• Experience in Incident Response, Security Operations or Threat Intelligence functions.

• Experience in developing Yara rules to aid in the proactive identification of adversary capabilities using various open and closed source platforms.

• Experience performing malware analysis to identify functionality of adversary tools and capabilities.

• Experience using structured analytic techniques and identifying biases.

• Understands attack signatures, tactics, techniques and procedures associated with advanced threats and the ability to develop relevant alerting and countermeasures.

OTHER JOB DETAILS:

Last Date to Apply for Job: 3/30/2023
Work Location Assignment: Flexible

Relocation assistance may be available based on business needs and/or eligibility.