Manager, Perimeter Security Testing
Sandwich, United Kingdom
Job posting number: #7216767 (Ref:pf-4906289)
Posted: February 13, 2024
Manager, Perimeter Security Testing
The Global Information Security (GIS) organization delivers proactive cyber defence for the global Pfizer enterprise. Our mission is to secure all of Pfizer’s digital information assets ranging from the manufacturing floor to the core data centres, and out to our patient facing solutions. We achieve this mission through a team of world-class talent that focuses on building strong partnerships to build security into all aspects of our business. Across GIS we utilize top-tier technologies, industry leading best practices, advanced analytics, and the promotion of a cybersecurity ownership culture to drive results for the enterprise.
The Manager, Perimeter Security Testing will perform cybersecurity manual and automated vulnerability assessments for business solutions that are externally facing. The assessments will focus on protecting the company information assets using a threat-based approach and recommend risk reduction actions. The manager will work within a team and directly with business technology application and technology teams. The position will report to the Global Information Security, Red Team Manager.
At Pfizer, you will find a company as focused on its internal culture as it is on its external reputation. You will have the opportunity to partner with colleagues of diverse backgrounds and abilities, people who contribute to all aspects of what we do—from drug development to marketing, technology to sales, and so much more.
Primary responsibilities include:
- Leverage industry best practices perform manual and automated security testing for web applications, architectures, specialty solutions including internet of things and wearable devices as well as participate in critical asset reviews.
- Research new security threats, vulnerabilities, and exploit techniques to identify new weaknesses and recommend remediation or mitigation.
- Ability to perform manual testing for remediation validation and verification of vulnerabilities reported.
- Create scripting code and methodologies for new testing techniques.
- Upgrade, maintain, and recommend security process workflows to support perimeter security testing and remediation.
- Manage assessments performed and deliver results to customers on time, assist customers with recommendations and retest as needed.
- Develop communications and present to key shareholders for assessments. Responding to new attack surfaces and help implement new requirements as needed.
- Drive remediation of findings or recommend mitigations to business stakeholders.
- Transform or adapt remediation tracking workflows and vulnerability risk ratings to prioritize business actions.
- Ability to work both independently and in a team-oriented, collaborative environment.
- Partner with global team members to drive secure outcomes based on industry best practices.
- Partner with the business units on developing remediation tracking deadlines, and deployment of mitigations
- Proven experience in information and cybersecurity
- BS in Computer Sciences, Information Security, Information Systems, Engineering, Sciences, or related field
- Experience performing security assessments.
- Familiar with automation or scripting languages
- Strong leadership skills with the ability to prioritize and execute with minimal direction or oversight.
- Ability to interpret log data and draw analytical conclusions.
- Maintain awareness of industry frameworks and best practices: Threat Modelling, NIST, OWASP, SANS Security Model
- Maintain awareness of industry trends and emerging technologies including web services, mobile, wearables, isolated architectures, databases security, IoT
- Understanding of operating systems, network protocols, and applications development
- Experience with security testing tool, proxies, port scanners, vulnerability scanners, exploit frameworks
- Proven track record in project planning, execution and delivering results with multiple projects concurrently.
- Ability to proactively solve complex problems both individually and as part of a team.
- Demonstrated commitment to training, self-study and maintaining proficiency in the cyber security domain.
- Effective oral, written, and interpersonal communications skills are required as well as organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously.
- High level of integrity and strong ethical values
Work Location Assignment: Flexible
Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let’s start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms – allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
We are proud to be a Disability Confident Employer and we encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments necessary to support your application and future career. Our mission is unleashing the power of our people, especially those with unique superpowers. Your journey with Pfizer starts here!Information & Business Tech#LI-PFE
Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer.