Associate Insider Risk Detection Engineer

GBR - Sandwich

The Enterprise Platforms & Security (EP&S) team delivers the following capabilities for Pfizer. Business application platforms supporting Pfizer’s enterprise application and critical business processes. Infrastructure, allowing business traffic to travel where it needs to go, internally and externally, along with the appropriate access controls. EP&S secures Pfizer's most valuable information assets through world class controls and protections and enables Pfizer's business results by making security an enabler and not a roadblock to achieving business results.

The Global Information Security (GIS) team secures Pfizer’s most valuable information assets through world class talent, top security controls and an empowered culture that serves to enable Pfizer’s mission of delivering breakthroughs that change patients’ lives. 

The Information Security Awareness and Response (ISAR) team delivers four core capabilities for Pfizer – Digital Forensics and Insider Threat (DFIT), Insider Risk Detection (IRD), Operations and Awareness. ISAR secures Pfizer’s most valuable information assets through world-class controls and protections.  ISAR enables Pfizer’s business results by making security an enabler and not a roadblock. ISAR strives to broaden the cybersecurity ownership culture across the company through targeted awareness campaigns and empowering colleagues to be risk aware.

The Insider Risk Detection Engineer provides the DFIT team detection and alerting capabilities from within a SIEM environment using a variety of log sources.   Additionally, the Insider Risk Detection Engineer will aid the DFIT team in conducting forensic analysis of data, in accordance with SOP guidelines.  This position requires the highest levels of integrity, the ability to protect confidential information and operate within all policies, procedures, and work instructions.


  • Building out new detections to identify suspicious behaviors within current system and tools to identify and detect the misuse of Pfizer information.

  • Tuning and altering detections currently in place to provide improvements derived from ongoing investigations.

  • Work with internal customers to collaborate on ways to protect Pfizer Intellectual property and detect the inappropriate use of the information. 

  • Determine tools and procedures required to complete the assigned task.

  • Ability to clearly and thoroughly document the testing, validation, and implementation to protect Pfizer Intellectual property and detect the inappropriate use of the information. 

  • Collaborate with Forensic Analysts to create more accurate detections as it pertains to misuse of Pfizer information.

  • Ability to communicate in a clear and concise manner.

  • Conduct research into project-related issues.

  • Ability to manage concurrent task and work in a high pace environment. 

  • Maintain an organized workspace and office.

  • Essential that the candidate can work self-sufficiently on assigned tasks.

  • Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.


  • Bachelor’s Degree, preferably in Computer Science, Information Security, Cyber Security, Digital Forensics, or Behavioral Analysis

  • Entry-level professional experience (in a similar role) working with large datasets and identifying patterns or behaviors that identify the misuse of sensitive data.

  • Strong attention to detail

  • High personal Integrity

  • Ability to work both independently and in a team-oriented, collaborative environment.

  • Ability to clearly document and communicate detections, solution capabilities, and recommendations to both technical and non-technical audiences.

  • Ability to manage time and resources effectively and efficiently.

  • Must be able to research and apply appropriate technologies to different scenarios.

  • Can develop strategies to improve efficiency and consistency of service delivery.


  • Prior experience with both endpoint and Network DLP solutions

  • Prior experience with working with a SIEM like Splunk / Google Chronicle

  • Prior professional experience working in either Digital Forensics and/or Insider Risk

  • Programming skills primarily in Python or similar language


  • This is a desk job.

  • Flexible home working.


  • Standard work schedule & 10% travels required.

  • This role supports global business units which may require after hours support to address matters or attend meetings in different time zones


The primary customer groups and key relationships this position will have interactions with include Corporate Compliance, Global Security, Corporate Legal, People Experience, Employee Relations, Site Security, Global Information Security and Legal.

The primary support groups this position will have interactions with include the Digital Messaging Team, the Identity Management Team, the Network Team, the Desktop Engineering Team, Border and Enterprise Network Services, Desktop Service and Support, Telecommunications, Document Management (SharePoint), File and Print Services, Web Services and colleagues within Digital Security Services.

The primary external entities this position may have interactions is with vendors.

Work Location Assignment: Sandwich (Kent) with some flexible working possible


Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.  

Digital Transformation Strategy

One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.


We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let’s start the conversation!  

Equal Employment Opportunity 

We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms – allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.

DisAbility Confident

We are proud to be a Disability Confident Employer and we encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments necessary to support your application and future career. Our mission is unleashing the power of our people, especially those with unique superpowers. Your journey with Pfizer starts here!

Information & Business Tech

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  11  2  0

Tags: Agile Compliance Computer Science Forensics Python SharePoint SIEM Splunk Strategy

Perks/benefits: Career development Flex hours

Region: Europe
Country: United Kingdom

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.