For more than 170 years, Pfizer has continuously worked to make a difference by delivering innovative therapies that improve the lives of our patients. By building a talented community of colleagues that align with our patient-focused purpose and core values, Pfizer has improved global health and impacted more than 780 million patients around the world.

In 2021, Pfizer expanded its global footprint to Tampa, establishing a strategic powerhouse that brings together multi-disciplinary, professional services including Finance, Accounting, Treasury, Digital, HR Services, Sourcing, Commercial and Project Management into a single, centralized location. With so many diverse and highly-skilled colleagues supporting multiple functions and services across the organization, Pfizer Tampa offers ample opportunity to engage in newer ways of working that enhance, simplify, and transform how we deliver treatments to our patients.

Located in Heights Union, the Pfizer Tampa site offers a modern industrial design, the latest in innovative technology, and close proximity to Downtown with views of the Tampa Riverwalk and access to the Channel district and Bayshore Boulevard. From an onsite fitness center to top floor panoramic balconies and outdoor patio, our activity-based space will provide various ways of working to offer collaboration and flexibility to colleagues. The Pfizer Tampa site has constructed an atmosphere that fosters interaction and prioritizes colleague health and wellness.

Additionally, to achieve breakthroughs that change patients’ lives, Pfizer is revolutionizing and evolving how colleagues work today. This year, Pfizer launched a new initiative that we call Log In For Your Day where a majority of colleagues can arrange with their manager to work remotely two or three days a week while still maintaining the ability to collaborate regularly in person at our sites. This flexible working model blends the best of remote work and on-site collaboration to drive greater flexibility, support work-life balance, and promote a vibrant, agile, and innovative culture.

Role Summary

The Global Information Security (GIS) organization at Pfizer delivers three core responsive capabilities for Pfizer – Intrusion Detection & Analysis, Cyber Threat Intelligence, and Digital Forensics & Insider Threat. GIS secures Pfizer’s most important information assets through world-class controls and protections.  GIS enables Pfizer’s business results by making security an enabler and not a roadblock.  GIS strives to broaden the cybersecurity ownership culture across the company through targeted awareness campaigns and empowering colleagues to be risk aware.

The Red Team Associate position within the Security Consulting & Testing team will engage with business and technology teams to secure digital solution projects globally.  The associate will work to validate security controls and incident response through offensive security methods. The associate will work with security teams to enhance existing services by conducting hands-on technical testing focused on detection and response. Conduct full exploitation and leveraging of access within multiple environments, including complex Active Directory and mixed Windows and nix environment. 

Associate will develop comprehensive and accurate reports and presentations for both technical and executive audiences. Identify, track, and communicate findings while developing remediation strategies with technical staff, executive leadership, and legal counsel.  Apply security testing and penetration testing techniques and mindset to a wide range of projects and promote an environment of innovation and knowledge sharing. The position is an individual contributor role with leadership and engagement with cross functional internal colleagues and external partners and reports to the Red Team, Manager within the GIS organization.

Role Responsibilities:

• Perform targeted, covert penetration tests with vulnerability identification, exploitation, and post-exploitation activities through manual methodologies

• Create reports detailing vulnerabilities and risks; review reports with leadership

• Provide technical knowledge or experience developing automated scripts, using interpreted languages not limited to, Python, PowerShell, or modern scripting languages

• Engage on multiple, concurrent, projects meeting project timelines and delivering defined results

• Work effectively in a team environment, including cross-unit and cross-divisional teams, and maintain poise and composure in difficult situations, with a professional attitude at all times

• Develop, extend, or modify exploits, shellcode, or exploit tools

• Understand MITRE ATT&CK Framework and how it relates to real-world observations

• Respond to ad-hoc security requests for Proof-of-concept or post-exploitation activities

• Conduct Red Teaming independently and with the team

• Perform independent research of new and upcoming C2's and exploit techniques

BASIC QUALIFICATIONS 

• Bachelor’s degree; or Associate's degree with four years of relevant experience; or six years of relevant experience with a high school diploma or equivalent

• Ability to analyze and track vulnerabilities, threats, designs, procedures and architectural design, producing reports and sharing intelligence

• Familiar with common methodologies conducting offensive security testing

• Ability to conduct security testing through use of Kali or other OS' as an attack platform

• Ability to proactively solve complex problems both individually and as part of a team

• Demonstrated commitment to training, self-study and maintaining proficiency in the cyber security domain

• Effective oral, written, and interpersonal communications skills are required as well as organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously

PHYSICAL/MENTAL REQUIREMENTS

N/A

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

• Domestic and International travel of 10% (as required)

• Work Location Assignment: hybrid schedule of at least 2 days in person on premise, depending on business needs.

Other Job Details:

• Last day to apply: April 04, 2023

Relocation assistance may be available based on business needs and/or eligibility.