
Sr. Director, Security and Compliance
Pfizer, S.A. de C.V, New York, NY, United States
United States - New York - New York City
Role Summary
We are seeking an experienced Senior Director, Security & Compliance to lead the Security and Compliance Business Partners function within Pfizer's Global Cybersecurity Governance, Risk, and Compliance (GRC) organization. The role partners with R&D, PGS Manufacturing, Commercial, Digital, Enabling Services and corporate functions to ensure cybersecurity, data protection, and regulatory compliance requirements are understood, implemented, and sustained across the enterprise. The role serves as a trusted advisor to senior business leaders, helping them manage cybersecurity and compliance risks in alignment with company policies, regulatory obligations, and industry expectations. This position supports a modern, technology-led approach to a highly regulated pharmaceutical environment, including oversight of GxP systems, data integrity, patient safety, and global regulatory compliance.

ROLE RESPONSIBILITIES

Business Partnership & Advisory
- Establish the vision and operational cadence for a team of Security and Compliance Partners assigned to global business units, regions, and functional areas.
- Implement a technology-driven solution to support security and compliance initiatives.
- Build strong relationships with senior leaders to integrate security and compliance considerations into business operations and strategic initiatives.
- Lead the development of practical, risk-based guidance that enables the business to meet regulatory and security requirements while supporting innovation.
- Partner with key leaders throughout the organization to execute on strategic goals and priorities for the Cyber GRC function.

Cybersecurity Compliance Oversight
- Develop and execute a vision to modernize and scale cyber and digital compliance.
- Ensure alignment with pharmaceutical regulatory requirements, including GxP, data integrity, privacy, and global regulatory expectations.
- Partner with Quality, Legal, Privacy, and Enterprise Risk Management teams to ensure consistent governance and controls.
- Support the identification, assessment, and management of cybersecurity, IT and compliance risks affecting business processes, systems, and data.

Regulatory and Audit Support
- Support internal and external audits, regulatory inspections, and compliance assessments by coordinating business engagement and remediation activities.
- Help business teams prepare for regulatory inquiries related to cybersecurity, data protection, and system controls.
- Track and report internal and external findings, remediation progress and risk acceptance decisions.
- Implement technology-led solutions to streamline audit and inspection processes.

Leadership, Communication, and Reporting
- Promote consistent processes, documentation, and reporting while allowing flexibility for local regulatory requirements.
- Set clear role expectations, performance objectives, and development plans for team members.
- Foster a culture of collaboration, accountability, and continuous improvement.
- Provide regular updates to senior leadership on cybersecurity and compliance risks, trends, and key initiatives.
- Define and monitor key metrics to demonstrate security and compliance posture to leadership.
- Develop executive and committee-level reporting as needed.

BASIC QUALIFICATIONS
- Bachelor’s degree required
- 12+ years of experience in Cybersecurity, IT, GRC, compliance, quality, or risk management roles within regulated industries, preferably in the pharmaceutical industry
- Experience partnering directly with business leaders in a complex, global organization
- Proven ability to lead complex programs with multiple stakeholders and competing priorities
- Strong understanding of cybersecurity and IT risk management and compliance concepts in a pharmaceutical or life sciences environment
- Excellent communication and interpersonal skills; ability to influence across levels and functions
- CISM, CRISC or CISSP Certification
- Proficiency in project management tools (e.g., Smartsheet, MS Project), data analysis platforms, and MS Office Suite
- Demonstrated experience in an agile work environment with a collaborative mindset and proactive problem-solving approach

PREFERRED QUALIFICATIONS
- Experience supporting GxP-regulated environments (GMP, GCP, GLP) and validated systems – Life Sciences or Consumer Products preferred
- Familiarity with global regulations and standards such as GDPR, HIPAA, SOX, ISO 27001, and NIST
- Experience working with Quality Management Systems (QMS) and regulatory inspection processes
- Professional certifications such as CISSP, CISM, CRISC, or similar
- Strong interpersonal and communication skills
- Ability to translate technical and regulatory requirements into business-friendly guidance
- Executive presence and stakeholder management
- Global mindset and ability to work across cultures
- Collaborative leadership style
- Continuously seeks new knowledge and approaches, leveraging innovation to enhance efficiency, effectiveness and impact

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS
- Travel as required by the business (domestic and/or international) – Estimated at 25%
- Work Location Assignment: Must be able to work in assigned Pfizer office 2-3 days per week, or as needed by the business
- This role is NOT remote

Last Date to Apply for Job: 4/10/2026

Relocation assistance may be available based on business needs and/or eligibility.

Candidates must be authorized to be employed in the U.S. by any employer. U.S. work visa sponsorship (such as TN, O-1, H-1B, etc.) is not available for this role now or in the future.

EEO & Employment Eligibility
Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer. This position requires permanent work authorization in the United States.