1+ months

Lead Cybersecurity Attack & Penetration Tester

Pfizer
Groton, CT 06340
**ROLE SUMMARY**

The Cybersecurity Penetration Testing Lead is the technical lead for attack and penetration testing and red team assessments within Pfizer Digital Global Information Security (GIS). The mission of this team is to reduce the company attack surface and enhance the company protections. We achieve this mission through a team of world-class talent that focuses on building strong partnerships to build security into all aspects of our business. Solutions have less defects when security is baked in. The lead will utilize their technical and creative skills for threat and risk analysis to evaluate innovative solutions through Pfizer's various businesses. They will also manage and mentor the technical analysts on the team.



**WHY JOIN US?**

Across GIS we utilize top-tier technologies, industry leading best practices, advanced analytics and the promotion of a cybersecurity ownership culture to drive results for the enterprise. You will be part of a CyberSecurity Team that has many disciplines with opportunity for growth.



At Pfizer, you will find a company as focused on its internal culture as it is on its external reputation. You will have the opportunity to partner with colleagues of diverse backgrounds and abilities, people who contribute to all aspects of what we do-from drug development to marketing, technology to sales, and so much more.



**ROLE RESPONSIBILITIES**



+ Performing and/or coordinating manual Attack and Penetration (A&P) testing, utilizing and leveraging the latest technologies in this role (ie -applications, mobile applications, various platforms, web services, databases, IoT, ICS, overall solutions)

+ Leading and performing red team assessments

+ Researching new security threats, vulnerabilities and exploit techniques

+ Responding to new security threats and help implement new requirements as needed

+ Managing and maintaining security testing frameworks

+ Develop and strategize with the team to bolster test cases and documentation

+ Develop and lead training for technical testers and development teams.

+ Guide the business to reduce risk.

+ Makes decisions guided by policies in non-standard situations

+ Complete work accurately and within the deadlines required.

+ Manages and provides technical guidance and oversight for technical resources

+ Work in a team environment while maintaining confidentiality of investigation information.

+ Provide mentoring to newer team members.

+ Deep knowledge of working with OWASP concepts for various solutions



**BASIC QUALIFICATIONS**



+ Bachelor's degree, preferably in a technical field

+ 5+ years' experience managing security operational services

+ Strong understanding of IT operations and service support processes, ITILv3 certification preferred

+ 3+ years' experience in pharmaceutical or other regulated industry

+ Ethical Hacker Certification or Similar

+ Security certifications are desired but not required (CISSP, GIAC, CEH, MSCE Plus Security).

+ High level of integrity and strong ethical values

+ At least 4 years of demonstrated manual security testing



**PREFERRED QUALIFICATIONS**



+ Ability to discreetly conduct security investigations while maintaining privacy of the effort

+ Strong analytical capabilities, with ability to reliably infer information and interpolate results from potentially incomplete data.

+ Effective and efficient written and oral communication skills, including a demonstrated ability to work effectively with managers/directors

+ Effectively work on multiple priorities in a dynamic environment

+ Ability to work both independently and in a team-oriented, collaborative environment.

+ Strong interpersonal, communication, influencing, analytical and problem-solving skills

+ Interacts with customer within Corporate IT and other Pfizer business units. Adept at understanding customer challenges, navigating from problem to resolution and communicating process and resolution effectively both verbally and in writing. Quickly escalates customer satisfaction concerns to management, but does so with recommended approaches to addressing the concerns.

+ Experience with: Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, nmap, Nessus), Security configuration and operation of UNIX (Solaris), Linux, Android, iOS and Windows systems, Programming or scripting in UNIX, Windows, Android or iOS platforms, and wearables



**NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS**



+ Standard work schedule

+ Domestic and International travel of 10-20%



**Sunshine Act**

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.



**EEO & Employment Eligibility**

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer.



**Other Job Details:**



+ Additional Location Information: Collegeville, PA or Groton, CT

+ Eligible for Employee Referral Bonus

+ **\#LI-PFE**



N (Other) (United States of America)

Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.

Categories

Posted: 2019-08-16 Expires: 2019-12-18

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Lead Cybersecurity Attack & Penetration Tester

Pfizer
Groton, CT 06340

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast