Information-Cyber Security Analyst

at Pioneer Data Systems Inc
Location Collegeville, PA
Date Posted June 6, 2019
Category Default
Job Type Full-time


Position Details:
Our client, a world leading Pharmaceutical Company in Groton, CT/ Collegeville, PA is currently looking for a Information-Cyber Security Analyst
to join their expanding team

Job Title: Information-Cyber Security Analyst
Duration: 03 months contract, extendable up to 18 months (Possible contract to hire)
Location: Groton, CT/ Collegeville, PA

Client has the right-to-hire you as a permanent employee at any time during or after the end of contract.
You may participate in the company group medical insurance plan

Job Description:

  • Job Title: Cybersecurity Attack & Penetration Tester
  • Location: can work from Collegeville OR Groton site (potential to extend or possibly convert to FTE)
  • The Cybersecurity Assessment Manager will be the attack and penetration testing and red team assessment lead within Global Information Digital and Technology Organization . 
  • The lead will be expected to utilize their technical and creative skills for threat and risk analysis security testing various applications, platforms and solutions for company projects and responding to incidents. 
  • They will mentor the technical analysts on the team.
  • The GIS-BT team delivers three core capabilities for Pharmaceutical. 
  • The team secures the most important information assets through world-class protective controls, promotes a cybersecurity ownership culture across the company through targeted awareness education to empower colleagues to make informed risk decisions, and partners with business leaders to enable improved outcomes through the effective application of technologies that simplify user experience and reduce risk.

Role Responsibilities:

  • Performing and/or coordinating manual Attack and Penetration (A&P) testing, utilizing and leveraging the latest technologies in this role (ie – black web applications, mobile applications, various platforms, web services, databases, overall solutions)
  • Perform security threat modeling and assessments on various solutions in addition to manual A&P testing.
  • Lead and perform red team assessments
  • Lead and perform technical Critical Asset Review Evaluations
  • Researching new security threats, vulnerabilities and exploit techniques
  • Respond to new security threats and help implement new requirements as needed
  • Managing and maintaining security testing frameworks
  • Create or update new test cases and documentation for red teaming, CARE, and security testing for the security testing team
  • Develop and Lead training for technical testers and development teams for industry updates and technical changes.
  • Identify appropriate remediation steps, working with business partners to ensure that the threats that have been identified are correctly remediated and lead or co-lead the closure of the exposure while acquiring business expertise.
  • Identify gaps in analytical data and recommend additional data gathering to support or eliminate potential situations. Work collaboratively with forensic analysts and threat intelligence specialists to gather such data.
  • Demonstrated ability to work independently on multiple projects simultaneously with various project scopes.
  • Makes decisions guided by policies in non-standard situations
  • Complete work accurately and within the deadlines required.
  • Manages and provide technical guidance and oversight for technical resources
  • Utilize security related tools including A&P tools, Security application development tools, and other pertinent tools to establish detection of vulnerabilities, and subsequently create the appropriate reporting mechanisms and proactively recommend upgrades or special use tool recommendations.
  • Determining and testing upgrades to security technologies within scope
  • Work in a team environment while maintaining confidentiality of investigation information.
  • Provide mentoring to newer team members.
  • Deep knowledge of working with OWASP concepts for various solutions