Digital Forensic & Insider Threat Analyst
Digital Forensic & Insider Threat Analyst
The Pfizer Digital, Global Information Security (GIS) organization delivers various global security functions that secure Pfizer's most important information assets through world-class controls and protections. GIS enables Pfizer's business results by making security an enabler and not a roadblock. The GIS organization strives to broaden the cybersecurity ownership culture across the company through targeted awareness campaigns and empowering colleagues to be risk aware.
This entry level role is an exciting opportunity to be an Analyst in the Pfizer Digital Forensics & Insider Threat (DFIT) team. The analyst will be accountable for responding to information security alerts and investigation requests globally. This position requires an individual to be proficient in the forensic best practices of handling, collection and analysis of electronic evidence from a variety of data sources. The role will require analysts to conduct event correlation, perform attack lifecycle analysis, and develop proactive mitigations that enable a defense-in-depth posture for the Pfizer environment. The ability to protect confidential information and operate within all policies, procedures and work instructions is essential.
Tasks:
- Work with internal customers to plan and execute forensic support for both simple and complex investigations.
- Collect, process, and analyze electronically stored information (ESI) obtained from network, cloud and end user digital sources in accordance with forensic industry standards. Including chain of custody procedures and evidence handling.
- Establish the tools and procedures required to complete the assigned task.
- Ability to clearly and thoroughly document the repeatable actions taken during your analysis and have a strong attention to detail.
- Provide written and verbal status updates to customers and generate formal forensic analysis reports in a clear and concise manner.
- Participate in the Forensic Investigation Triage process triaging and prioritizing new requests and alert tickets.
- Use of industry standard digital forensic tools (such as EnCase, FTK, NUIX, Axiom, Cellebrite, X-Ways, SIFT Workstation, XRY).
- Suggest and develop proactive mitigations that enable a defense-in-depth posture for the Pfizer environment.
- Manage multiple concurrent investigations and projects with minimal supervision and be able to prioritize assigned tasks.
- Work on your own and in a team-oriented, collaborative environment and the ability to set and manage expectations with key stakeholders and team members.
- Conduct peer reviews of other examiners findings and work product.
- Respond to investigative requests at short notice, which may require domestic and international travel, and working during extended hours. In exceptional instances this may include weekends and holidays.
- Maintain forensic certifications and ability to provide expert testimony.
As part of a global team there may be times that require working outside normal business hours to attend meetings, case activities and complete projects.
QUALIFICATIONS
Essential:
This is an entry level role which requires either:
- Working knowledge related to digital forensics within Law Enforcement or within a corporate environment.
- Bachelor's Degree in Computer Forensics, Cyber Security, Computer Science or commensurate professional experience.
- Understanding of some industry standard digital forensic tools such as EnCase, FTK, NUIX, Axiom, Cellebrite, X-Ways, SIFT Workstation, XRY.
- Outstanding communication skills, including the ability to write and verbally articulate industry terminology to a technical level, management level and senior executive level.
- Effective and efficient time and resource management.
- Proficiently handle complex, large volume, and previously un-encountered situations and examinations
- Must be able to research and apply appropriate technologies to different examinations.
- Can develop strategies to improve efficiency and consistency of service delivery.
The role is based at the Pfizer Sandwich office in Kent in the United Kingdom but with opportunities for flexible working.
Desirable:
- One or more of the following certifications: EnCE, CFCE, GCFE or GCFA is desirable.
- Experience using physical, local, and remote acquisition tools across multiple OS systems.
- Mobile device and memory forensic analysis experience would be beneficial.
- Understanding of European General Data Protection Regulation (GDPR) or European/Global Privacy laws.
- Programming skills primarily in Python or EnScripts.
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
