Digital Forensic & Insider Threat Analyst

at  Pfizer

Digital Forensic & Insider Threat Analyst
The Pfizer Digital, Global Information Security (GIS) organization delivers various global security functions that secure Pfizer’s most important information assets through world-class controls and protections. GIS enables Pfizer’s business results by making security an enabler and not a roadblock. The GIS organization strives to broaden the cybersecurity ownership culture across the company through targeted awareness campaigns and empowering colleagues to be risk aware.
This entry level role is an exciting opportunity to be an Analyst in the Pfizer Digital Forensics & Insider Threat (DFIT) team. The analyst will be accountable for responding to information security alerts and investigation requests globally. This position requires an individual to be proficient in the forensic best practices of handling, collection and analysis of electronic evidence from a variety of data sources. The role will require analysts to conduct event correlation, perform attack lifecycle analysis, and develop proactive mitigations that enable a defense-in-depth posture for the Pfizer environment. The ability to protect confidential information and operate within all policies, procedures and work instructions is essential.

Tasks:

• Work with internal customers to plan and execute forensic support for both simple and complex investigations.
• Collect, process, and analyze electronically stored information (ESI) obtained from network, cloud and end user digital sources in accordance with forensic industry standards. Including chain of custody procedures and evidence handling.
• Establish the tools and procedures required to complete the assigned task.
• Ability to clearly and thoroughly document the repeatable actions taken during your analysis and have a strong attention to detail.
• Provide written and verbal status updates to customers and generate formal forensic analysis reports in a clear and concise manner.
• Participate in the Forensic Investigation Triage process triaging and prioritizing new requests and alert tickets.
• Use of industry standard digital forensic tools (such as EnCase, FTK, NUIX, Axiom, Cellebrite, X-Ways, SIFT Workstation, XRY).
• Suggest and develop proactive mitigations that enable a defense-in-depth posture for the Pfizer environment.
• Manage multiple concurrent investigations and projects with minimal supervision and be able to prioritize assigned tasks.
• Work on your own and in a team-oriented, collaborative environment and the ability to set and manage expectations with key stakeholders and team members.
• Conduct peer reviews of other examiners findings and work product.
• Respond to investigative requests at short notice, which may require domestic and international travel, and working during extended hours. In exceptional instances this may include weekends and holidays.
• Maintain forensic certifications and ability to provide expert testimony.

As part of a global team there may be times that require working outside normal business hours to attend meetings, case activities and complete projects.

QUALIFICATIONS

Essential:

This is an entry level role which requires either:

• Working knowledge related to digital forensics within Law Enforcement or within a corporate environment.
• Bachelor’s Degree in Computer Forensics, Cyber Security, Computer Science or commensurate professional experience.
• Understanding of some industry standard digital forensic tools such as EnCase, FTK, NUIX, Axiom, Cellebrite, X-Ways, SIFT Workstation, XRY.
• Outstanding communication skills, including the ability to write and verbally articulate industry terminology to a technical level, management level and senior executive level.
• Effective and efficient time and resource management.
• Proficiently handle complex, large volume, and previously un-encountered situations and examinations
• Must be able to research and apply appropriate technologies to different examinations.
• Can develop strategies to improve efficiency and consistency of service delivery.

The role is based at the Pfizer Sandwich office in Kent in the United Kingdom but with opportunities for flexible working.

Desirable:

• One or more of the following certifications: EnCE, CFCE, GCFE or GCFA is desirable.
• Experience using physical, local, and remote acquisition tools across multiple OS systems.
• Mobile device and memory forensic analysis experience would be beneficial.
• Understanding of European General Data Protection Regulation (GDPR) or European/Global Privacy laws.
• Programming skills primarily in Python or EnScripts.

Purpose
Breakthroughs that change patients’ lives… At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let’s start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms – allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
DisAbility Confident
We are proud to be a Disability Confident Employer and we encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments necessary to support your application and future career. Our mission is unleashing the power of our people, especially those with unique superpowers. Your journey with Pfizer starts here!
Information & Business Tech

Tasks:

• Work with internal customers to plan and execute forensic support for both simple and complex investigations.
• Collect, process, and analyze electronically stored information (ESI) obtained from network, cloud and end user digital sources in accordance with forensic industry standards. Including chain of custody procedures and evidence handling.
• Establish the tools and procedures required to complete the assigned task.
• Ability to clearly and thoroughly document the repeatable actions taken during your analysis and have a strong attention to detail.
• Provide written and verbal status updates to customers and generate formal forensic analysis reports in a clear and concise manner.
• Participate in the Forensic Investigation Triage process triaging and prioritizing new requests and alert tickets.
• Use of industry standard digital forensic tools (such as EnCase, FTK, NUIX, Axiom, Cellebrite, X-Ways, SIFT Workstation, XRY).
• Suggest and develop proactive mitigations that enable a defense-in-depth posture for the Pfizer environment.
• Manage multiple concurrent investigations and projects with minimal supervision and be able to prioritize assigned tasks.
• Work on your own and in a team-oriented, collaborative environment and the ability to set and manage expectations with key stakeholders and team members.
• Conduct peer reviews of other examiners findings and work product.
• Respond to investigative requests at short notice, which may require domestic and international travel, and working during extended hours. In exceptional instances this may include weekends and holidays.
• Maintain forensic certifications and ability to provide expert testimony

This is an entry level role which requires either:

• Working knowledge related to digital forensics within Law Enforcement or within a corporate environment.
• Bachelor’s Degree in Computer Forensics, Cyber Security, Computer Science or commensurate professional experience.
• Understanding of some industry standard digital forensic tools such as EnCase, FTK, NUIX, Axiom, Cellebrite, X-Ways, SIFT Workstation, XRY.
• Outstanding communication skills, including the ability to write and verbally articulate industry terminology to a technical level, management level and senior executive level.
• Effective and efficient time and resource management.
• Proficiently handle complex, large volume, and previously un-encountered situations and examinations
• Must be able to research and apply appropriate technologies to different examinations.
• Can develop strategies to improve efficiency and consistency of service delivery