Role Summary
Our Cyber Defense team is the frontline of Pfizer’s cybersecurity operations, responsible for detecting, investigating, and responding to threats that could impact the confidentiality, integrity, and availability of our systems and data. This team leads critical functions including Security Operations Center (SOC) monitoring, incident response, digital forensics, penetration testing, threat intelligence, host security, platform support, and security automation. This leader will oversee enterprise-wide efforts in vulnerability management, threat intelligence, red teaming, SOC operations, incident response, insider risk, and secure network and cloud architecture. The ideal candidate will bring deep expertise in cyber operations, threat management, and security architecture, with a proven track record of driving large-scale, cross-functional cybersecurity programs. This role requires strong leadership, operational rigor, and the ability to translate technical risk into business-aligned strategies.
Responsibilities
Define and execute a comprehensive strategy for the Cyber Security Posture Management, Network Security, Cloud Security, and Cyber Defense programs aligned with Pfizer’s cybersecurity vision and business priorities.
Develop and manage budgets, ensuring alignment with organizational goals and effective allocation of resources. Monitor expenditures, forecast future budget needs and identify opportunities for cost optimization.
Serve as a key advisor to the CISO and senior leadership on threat trends, operational readiness, and incident response posture.
Lead the transformation of legacy cybersecurity systems and drive the implementation of modern security practices across the organization.
Oversee the global cyber defense program, inclusive of the 24x7 SOC, ensuring proactive threat detection, effective monitoring, alert triage, and coordinated incident response.
Direct the strategy and execution of Pfizer’s cloud security program, ensuring robust controls across identity and access management, encryption, monitoring, and compliance.
Lead a proactive vulnerability management program, including scanning, prioritization, remediation, and executive reporting.
Partner with IT and business units to ensure timely resolution of critical vulnerabilities and alignment with enterprise risk tolerance.
Drive the strategy and implementation of network security controls, including segmentation, firewalls, intrusion detection/prevention, and secure remote access.
Ensure continuous monitoring and protection of Pfizer’s global network infrastructure against emerging threats.
Lead and mentor high-performing teams across Cyber Posture Management, Network Security, Cloud Security, and Cyber Defense.
Qualifications
Required: 12 - 15+ years of experience in cybersecurity, with at least 8 years in leadership roles overseeing enterprise-wide cyber operations.
Required: Proven expertise in multiple cybersecurity domains, including vulnerability management, threat intelligence, SOC operations, incident response, insider risk, network security, and cloud security.
Required: Strong understanding of security architecture and technologies such as firewalls, IDS/IPS, WAF, DDoS mitigation, SIEM, SOAR, and cloud-native security tools.
Required: Professional certifications such as CISSP, GIAC (e.g., GCIA, GCIH), CISM, or equivalent.
Required: Demonstrated ability to translate technical risk into business-aligned strategies and communicate effectively with executive stakeholders.
Required: Deep familiarity with threat modeling frameworks and adversary simulation methodologies (e.g., MITRE ATT&CK, red/purple teaming).
Preferred: Extensive understanding of the CrowdStrike suite, including SIEM, EDR and threat intelligence.
Preferred: Experience with Wiz for cloud security management, including configuration, monitoring, and reporting.
Preferred: Experience with Zscaler for secure network access, including implementation, configuration, and performance optimization.
Preferred: Experience leading modernization initiatives and transforming legacy cybersecurity systems.
Preferred: Demonstrated experience negotiating multi-million dollar contracts with vendors and strategic partners.
Preferred: Experience working abroad and leading global cybersecurity initiatives across multiple regions.
Additional Requirements
Periodic international and domestic travel may be required (less than 5%).
Work Location Assignment: Must be able to work in the assigned office 2-3 days per week, or as needed by the business.
This role is NOT remote.
#J-18808-Ljbffr
Responsibilities
Define and execute a comprehensive strategy for the Cyber Security Posture Management, Network Security, Cloud Security, and Cyber Defense programs aligned with Pfizer’s cybersecurity vision and business priorities.
Develop and manage budgets, ensuring alignment with organizational goals and effective allocation of resources. Monitor expenditures, forecast future budget needs and identify opportunities for cost optimization.
Serve as a key advisor to the CISO and senior leadership on threat trends, operational readiness, and incident response posture.
Lead the transformation of legacy cybersecurity systems and drive the implementation of modern security practices across the organization.
Oversee the global cyber defense program, inclusive of the 24x7 SOC, ensuring proactive threat detection, effective monitoring, alert triage, and coordinated incident response.
Direct the strategy and execution of Pfizer’s cloud security program, ensuring robust controls across identity and access management, encryption, monitoring, and compliance.
Lead a proactive vulnerability management program, including scanning, prioritization, remediation, and executive reporting.
Partner with IT and business units to ensure timely resolution of critical vulnerabilities and alignment with enterprise risk tolerance.
Drive the strategy and implementation of network security controls, including segmentation, firewalls, intrusion detection/prevention, and secure remote access.
Ensure continuous monitoring and protection of Pfizer’s global network infrastructure against emerging threats.
Lead and mentor high-performing teams across Cyber Posture Management, Network Security, Cloud Security, and Cyber Defense.
Qualifications
Required: 12 - 15+ years of experience in cybersecurity, with at least 8 years in leadership roles overseeing enterprise-wide cyber operations.
Required: Proven expertise in multiple cybersecurity domains, including vulnerability management, threat intelligence, SOC operations, incident response, insider risk, network security, and cloud security.
Required: Strong understanding of security architecture and technologies such as firewalls, IDS/IPS, WAF, DDoS mitigation, SIEM, SOAR, and cloud-native security tools.
Required: Professional certifications such as CISSP, GIAC (e.g., GCIA, GCIH), CISM, or equivalent.
Required: Demonstrated ability to translate technical risk into business-aligned strategies and communicate effectively with executive stakeholders.
Required: Deep familiarity with threat modeling frameworks and adversary simulation methodologies (e.g., MITRE ATT&CK, red/purple teaming).
Preferred: Extensive understanding of the CrowdStrike suite, including SIEM, EDR and threat intelligence.
Preferred: Experience with Wiz for cloud security management, including configuration, monitoring, and reporting.
Preferred: Experience with Zscaler for secure network access, including implementation, configuration, and performance optimization.
Preferred: Experience leading modernization initiatives and transforming legacy cybersecurity systems.
Preferred: Demonstrated experience negotiating multi-million dollar contracts with vendors and strategic partners.
Preferred: Experience working abroad and leading global cybersecurity initiatives across multiple regions.
Additional Requirements
Periodic international and domestic travel may be required (less than 5%).
Work Location Assignment: Must be able to work in the assigned office 2-3 days per week, or as needed by the business.
This role is NOT remote.
#J-18808-Ljbffr