The Global Information Security (GIS) team protects critical information assets by employing world-class talent, implementing top security controls, providing outstanding leadership, and maintaining a culture of colleague empowerment that supports Pfizer’s mission of delivering breakthroughs that change patients’ lives. GIS teams continuously work to detect threats faster, respond decisively, and make Pfizer harder to hack.
The Senior Manager of Threat Remediation is responsible for applying their extensive array of technical knowledge & experience to drive the remediation of complex technical challenges resulting from incident response engagements and other related initiatives. This role requires ongoing proactive collaboration with various technical & non-technical business partners across the company, along with incident responders during & after incidents. The incumbent will primarily focus on bolstering threat remediation capabilities in response to more significant technical challenges encountered by the team and serving as a champion for improvements to our security posture.
This is an exciting opportunity to be part of a diverse and talented team at Pfizer. This role is ideal for candidates who are motivated, creative, organized, respectfully assertive, confident in their knowledge, and embrace a culture of collaboration. The ideal candidate will possess a refined set of technical, communication, and project management skills. A strong technical background in all facets of enterprise computing environments is desirable. This would ideally include expertise in enterprise-class security architecture & risk management.
GIS leadership strives to maintain a positive, collaborative, empowering, trusting, and supportive work environment that allows colleagues to grow and realize their full potential. This is achieved by maintaining an ongoing focus on our core values and providing team members with the tools they need to succeed. This is a great place to work where colleagues are provided with opportunities to do their best work and enjoy the benefits of the same.
Given the challenges associated with filling specialized cybersecurity roles, the organization is open to considering senior technical professionals who have the skills and experience required to fulfil the duties of this position. Candidates meeting the core job requirements are encouraged to apply and will be considered.
THE ROLE
1. Work in collaboration with GIS leadership to establish, maintain, and mature the Threat Remediation function, along with associated workflows, policies, and procedures.
2. Develop and maintain a comprehensive understanding of the core solutions & operating practices used to support the global enterprise.
3. Maintain a strong understanding of the Pfizer threat landscape and key sources of risk for the company.
4. Establish and maintain positive working relationships with key business partners across the organization.
5. Proactively identify opportunities to support incident response efforts through active participation in daily team calls and direct engagement with stakeholders.
6. Take ownership of specific threat remediation projects stemming from incident response efforts and other related initiatives.
7. As an authoritative source of cybersecurity knowledge & experience within GIS, provide expert-level guidance to threat remediation project teams.
8. Collaborate with solution owners and other stakeholders to develop threat remediation plans and drive the implementation of the same.
9. Ensure the timely and successful implementation of all expected outcomes defined in threat remediation plans.
10. Lead and / or contribute to the evaluation & selection of technical solutions being procured to address specific threats or drive operational efficiency.
11. Maintain accurate & complete documentation for all threat remediation projects.
12. Provide periodic updates & reports to relevant stakeholders on project & program status, outcomes, and achievements.
13. Exercise sound judgement & decision-making by leveraging knowledge & experience, along with policies, procedures, and company values.
14. Perform all work in alignment with the Agile operating model established by the organization and adopted by the team.
BASIC QUALIFICATIONS
15. BS in Information Security, Information Technology, Computer Science, or related field
16. Extensive professional experience in a large enterprise environment supporting information security or information technology functions with roots in security engineering, security architecture, security operations, incident response, or other similar disciplines
17. Extensive array of technical knowledge & experience in the cybersecurity &risk management domains
18. Experience applying common guidance, standard & frameworks, such as DoD STIGs & NIST CSF, to drive improvements to overall security posture and establish defence-in-depth
19. Highly proficient in the use of effective methods and controls to protect end-user devices (desktop & mobile), apps, network infrastructure, security infrastructure, cloud services, core network services, and other solutions from various threats
20. Strong technical aptitude, including the ability to understand unfamiliar technical scenarios, identify related threats, assess risk, and develop an educated opinion on security requirements
21. Capable of independently leading complex projects involving engagement with stakeholders from multiple disciplines and comprehensive collections of desired outcomes
22. Able to work effective in a team setting by understanding diverse perspectives, demonstrating technical competence, establishing rapport, professionally asserting a position, and influencing key decisions & actions to achieve positive outcomes
23. Able to exercise sound judgement and make complex decisions based on best-practices and established standards
24. Able to impart complex concepts to technical & non-technical colleagues in a concise, accurate, and complete manner in both written and verbal forms
25. Proven track record of delivering successful outcomes for challenging projects
26. Demonstrated history of being mission-focused, creative, detail-oriented, organized, and collaborative
27. Demonstrated dedication to training, self-paced study, and maintaining proficiency in the cybersecurity domain
28. Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach
PREFERRED QUALIFICATIONS
29. Extensive experience leading threat remediation projects for a global enterprise
30. Experience establishing and developing cybersecurity functions within a large organization
31. Expert-level knowledge of information security principles and standards
32. Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model, and MITRE ATT&CK to model & analyze threat activity
33. Familiarity with common approaches to automating processes to reduce manual effort and optimize workflows
34. Security certifications such as CISSP, CISM, CISA, GCIA, GCIH, Security+, or similar
PHYSICAL/MENTAL REQUIREMENTS
35. Ability to perform complex data analysis
Work Location Assignment: Sandwich (Kent) with flexibility
Purpose
Breakthroughs that change patients' lives ... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let’s start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms – allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
DisAbility Confident
We are proud to be a Disability Confident Employer and we encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments necessary to support your application and future career. Our mission is unleashing the power of our people, especially those with unique superpowers. Your journey with Pfizer starts here!
Information & Business Tech#LI-PFE