The Pfizer Digital Global Information Security (GIS) team delivers three core capabilities for Pfizer - Intrusion Detection & Analysis, Threat Intelligence, and Forensics. GIS secures Pfizer's most important information assets through world-class controls and protections. GIS enables Pfizer's business results by making security an enabler and not a roadblock. GIS strives to broaden the cybersecurity ownership culture across the company through targeted awareness campaigns and empowering colleagues to be risk aware.
**What can I achieve and what will I be responsible for whilst completing a placement at Pfizer?**
Cyber Intrusion Analyst will sit within the Intrusion Detection & Analysis team based in Sandwich, Kent and respond to network security events to build a deep understanding of computer network attacks against Pfizer's global enterprise. Cyber Intrusion Analysts will be expected to perform event correlation across large datasets, perform attack lifecycle analysis, develop remediation plans, implement proactive and reactive countermeasures, and create innovative solutions to the security issues that face the Pfizer environment.
This is an opportunity to work in our EMEA CORE (Cybersecurity Operations & Response Environment) as part of a larger global team (based in similar CORE facilities in the US and Singapore).
You will have the opportunity to:
+ Leverage security data from internal sensors (IDS, Firewall, SIEM, Proxy, hosts) and external sources (Industry portals, threat intel feeds, etc) to identify high priority alerts and perform attack life-cycle analysis to develop/implement proactive mitigations
+ Review security incidents and alerts; determine their severity and impact to the Pfizer enterprise along with detailed response actions
+ Gain experience using some of the world's best security products deployed across a very large and distributed corporate network
+ Contribute to new process creation and improvement by developing internal Tactics, Techniques, and Procedures (TTPs) for analysis, establishing reporting criteria, structure, and operational reports
+ Conduct and document your analysis of many different attack methodologies pertaining to real attacks against the corporate network including:
+ Suspicious emails, URLs and macro-enabled Office documents
+ Suspicious outbound network traffic to suspected C2 infrastructure
+ Forensic examination of artifacts on potentially compromised Windows systems
+ Deep level analysis of suspicious executable code using static and dynamic methods
+ Contribute to the development and implementation of threat mitigation techniques using such solutions as Python, yara, Snort, Splunk, proprietary end point protection rules and more
**What other opportunities and benefits do Pfizer offer?**
There may be opportunities to attend cyber related events
**When can I start?**
Placements will start on 1st September 2020 and will run for 12 months.
Type of person we are looking for, in relation to ' **Skills** ', ' **Knowledge** ' and ' **Motivation** ':
+ On target for a 2:1 Degree Classification
+ A genuine interest in pursuing a technical role in the cyber security field.
+ Excellent written and oral communication skills
+ The motivation and resilience to make the most of this opportunity
Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.