ROLE SUMMARY
Pfizer's Global Information Security (GIS) organization delivers proactive cyber defense for the global enterprise. Our mission is to secure all of Pfizer's digital information assets ranging from our scientific breakthroughs to the manufacturing floor, and out to the patients we serve. We achieve this mission through a combination of world-class talent, top-tier technologies, industry leading best practices, and the promotion of a cybersecurity ownership culture across the company
Comprehensive threat management is vital to the security and resilience of Pfizer. The Associate, External Threat Analyst will oversee the operations of our External Attack Surface Management (EASM) solution. This role will work closely with our Global Information Security (GIS) teams to triage vulnerabilities and ensure effective remediation of findings. This collaboration will be vital in protecting Pfizer's digital environment from external threats
This role calls for a blend of analytical prowess and technical proficiency to triage findings and coordinate with business units for remediation efforts. The incumbent will report to the Sr. Manager, Attack Surface Reduction. The Attack Surface Reduction team is part of the Secure Business Enablement (SBE) organization within Pfizer's Global Information Security division
ROLE RESPONSIBILITIES
Primary responsibilities include leading the triage of external vulnerabilities identified by our EASM solution, developing strategies to effectively remediate these vulnerabilities, collaborating with business units to ensure timely resolution of findings, and maintaining up-to-date records of all remediation actions. Additional responsibilities include monitoring external threat landscapes, providing detailed analysis and reports on emerging threats, and assisting in the enhancement of external threat management processes
- Triage vulnerabilities identified by our External Attack Surface Management (EASM) solution to assess potential risks and prioritize remediation efforts
- Collaborate with business units to develop and implement remediation strategies for identified vulnerabilities, ensuring timely and effective resolution
- Monitor external threat landscapes and provide detailed analysis and reports on emerging threats and vulnerabilities
- Maintain accurate and up-to-date records of all triaged vulnerabilities and remediation actions taken, ensuring compliance with security policies and standards
- Work closely with the Sr. Manager, Attack Surface Reduction, and cross-functional teams to enhance the effectiveness of external threat management processes.
- Participate in regular security assessments and audits to identify areas for improvement in external threat management practices
- Assist in the development and maintenance of documentation related to external threat management processes and procedures
- Collaborate with the Global Information Security team to ensure alignment of external threat management efforts with overall security strategies
- Exercise sound judgment and decision-making, leveraging knowledge, experience, policies, procedures, and company values (Courage, Excellence, Equity, & Joy)
- Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.
BASIC QUALIFICATIONS
- Bachelor's degree in Computer Science, Information Security, or a related field. (or equivalent work experience)
-