Senior Cyber Security Automation Developer Job Opening
The Global Information Security (GIS) organization delivers proactive cyber defense for the global Pfizer enterprise. Our mission is to secure all of Pfizer’s digital information assets, ranging from the manufacturing floor, to the core data centers, and out to our patient-facing solutions. We achieve this mission through a team of world-class talent that focuses on building a strong partnership with the business to build security into all aspects of our business. Across all aspects of our organization we utilize top-tier technologies, industry-leading best practices, advanced analytics and the promotion of a cyber security ownership culture across the company.
The Senior Cyber Security Automation Developer will be embedded with cyber security analysts to develop capabilities that will fill gaps not currently addressed by commercially available technologies. This role will work closely with incident responders, forensic examiners and other customers to provide solutions that drive engagement with the Incident Management platform and reduce our time to detect and respond to attacks. You will be at the cutting edge of cyber security incident response techniques and leading the development of automated capabilities to enable the incident response team to respond faster and with better precision. This position will involve cross-functional collaboration and the ability to evolve current cyber response processes into automated capabilities.
For Pfizer, we look for motivated, self-learning, and team-oriented candidates. From a technical perspective, an ideal candidate would have the skills shown below, but candidates who possess a strong subset and an attitude towards self-development & growth will be considered.
Senior Cyber Security Automation Developer Role Responsibilities
The Senior Cyber Security Automation Developer role within the Global Information Security Team requires the highest levels of integrity. Colleagues on this team are entrusted with high levels of access and will view privileged communications as well as sensitive data. The ability to protect confidential information and operate within all policies, procedures and work instructions is a must.
The responsibilities critical to the performance of this position are:
- Attend daily and weekly Forensic Investigations and Incident Response meetings and implement solutions that enable examiners to respond in a more timely manner with repeatable processes.
- Thorough testing, documentation and implementation of applications or code that will enable security teams to respond to investigations and incidents globally through repeatable processes.
- Lead development projects that support acceleration of analysis and response by the incident response teams.
- Follow Agile development processes, including being responsive to evolving priorities as a result of cyber threats and incident response needs
- Document and present software design and implementation details during Agile peer-review sessions
- Provide constructive feedback and specific recommendations to the team during Agile peer-review sessions
- Ability to deliver production-quality code following the agile development methodology
- Effective oral, written, and interpersonal communications skills are required as well as organizational, planning, and administrative abilities and the ability to coordinate multiple complex projects simultaneously.
- The analyst must be able to work well with a team, including cross-unit and cross-divisional teams, and must be able to maintain poise and composure in difficult situations, with a professional attitude at all times.
- During high-priority incidents, the Cyber Analyst Acceleration Development team will directly augment the analyst teams by providing additional analysis capacity, and additional technical skills to overcome time-critical challenges.
Senior Cyber Security Automation Developer Basic Qualifications
- BS in Computer Sciences, Computer Forensics, Engineering or related field
- 4 years of combined experience in application development and Cyber incident response, including a minimum of 1 year of experience as a cyber incident responder or penetration tester
- Experience as a user in at least one Security Incident and Event Management (SIEM) platform
- Experience as an incident responder or penetration tester with at least one endpoint security, penetration testing, or forensics platform
- Experience designing and developing projects in at least one scripting language
- Experience as an administrator on at least two of the following operating systems: Windows, Macintosh, Linux, VMware.
- Demonstrated ability to think critically and properly qualify assessments
- Demonstrated ability to provide concise, accurate communications (both verbal and written)
- Excellent communication and presentation skills
- Ability to work both independently and in a team-oriented, collaborative environment
- Ability to set and manage expectations with key stakeholders and team members
- Demonstrated understanding of forensic methodologies and Cyber incident response methodologies
- Strong leadership skills with the ability to prioritize and execute with minimal direction or oversight
- Demonstrated ability to work as a member of an enterprise security team
- Application development with APIs from workflow applications, SIEMs and other enterprise security systems is a plus
- Experience automating incident response tasks.
- Experience orchestrating multiple automated components in order to handle complex incident response use cases
- Experience with Python, JSON, BASH, MySQL,
- Experience developing code to interact with REST and SOAP Web Services
- Experience with application servers, relational databases, message queues