top of page

Pfizer

Senior Manager of Threat Remediation

Job Function:

IT/IT

Job Type:

Permanent

Location:

Sandwich (Kent) with flexibility

Based:

Flexible

Closing date:

ABOUT THE ROLE

The Global Information Security (GIS) team protects critical information assets by employing world-class talent, implementing top security controls, providing outstanding leadership, and maintaining a culture of colleague empowerment that supports Pfizer’s mission of delivering breakthroughs that change patients’ lives. GIS teams continuously work to detect threats faster, respond decisively, and make Pfizer harder to hack.

The Senior Manager of Threat Remediation is responsible for applying their extensive array of technical knowledge & experience to drive the remediation of complex technical challenges resulting from incident response engagements and other related initiatives. This role requires ongoing proactive collaboration with various technical & non-technical business partners across the company, along with incident responders during & after incidents. The incumbent will primarily focus on bolstering threat remediation capabilities in response to more significant technical challenges encountered by the team and serving as a champion for improvements to our security posture.

This is an exciting opportunity to be part of a diverse and talented team at Pfizer. This role is ideal for candidates who are motivated, creative, organized, respectfully assertive, confident in their knowledge, and embrace a culture of collaboration. The ideal candidate will possess a refined set of technical, communication, and project management skills. A strong technical background in all facets of enterprise computing environments is desirable. This would ideally include expertise in enterprise-class security architecture & risk management.

GIS leadership strives to maintain a positive, collaborative, empowering, trusting, and supportive work environment that allows colleagues to grow and realize their full potential. This is achieved by maintaining an ongoing focus on our core values and providing team members with the tools they need to succeed. This is a great place to work where colleagues are provided with opportunities to do their best work and enjoy the benefits of the same.

Given the challenges associated with filling specialized cybersecurity roles, the organization is open to considering senior technical professionals who have the skills and experience required to fulfil the duties of this position. Candidates meeting the core job requirements are encouraged to apply and will be considered.

 

THE ROLE

  • Work in collaboration with GIS leadership to establish, maintain, and mature the Threat Remediation function, along with associated workflows, policies, and procedures.
  • Develop and maintain a comprehensive understanding of the core solutions & operating practices used to support the global enterprise.
  • Maintain a strong understanding of the Pfizer threat landscape and key sources of risk for the company.
  • Establish and maintain positive working relationships with key business partners across the organization.
  • Proactively identify opportunities to support incident response efforts through active participation in daily team calls and direct engagement with stakeholders.
  • Take ownership of specific threat remediation projects stemming from incident response efforts and other related initiatives.
  • As an authoritative source of cybersecurity knowledge & experience within GIS, provide expert-level guidance to threat remediation project teams.
  • Collaborate with solution owners and other stakeholders to develop threat remediation plans and drive the implementation of the same.
  • Ensure the timely and successful implementation of all expected outcomes defined in threat remediation plans.
  • Lead and / or contribute to the evaluation & selection of technical solutions being procured to address specific threats or drive operational efficiency.
  • Maintain accurate & complete documentation for all threat remediation projects.
  • Provide periodic updates & reports to relevant stakeholders on project & program status, outcomes, and achievements.
  • Exercise sound judgement & decision-making by leveraging knowledge & experience, along with policies, procedures, and company values.
  • Perform all work in alignment with the Agile operating model established by the organization and adopted by the team.

REQUIREMENTS

BASIC QUALIFICATIONS

  • BS in Information Security, Information Technology, Computer Science, or related field
  • Extensive professional experience in a large enterprise environment supporting information security or information technology functions with roots in security engineering, security architecture, security operations, incident response, or other similar disciplines
  • Extensive array of technical knowledge & experience in the cybersecurity &risk management domains
  • Experience applying common guidance, standard & frameworks, such as DoD STIGs & NIST CSF, to drive improvements to overall security posture and establish defence-in-depth
  • Highly proficient in the use of effective methods and controls to protect end-user devices (desktop & mobile), apps, network infrastructure, security infrastructure, cloud services, core network services, and other solutions from various threats
  • Strong technical aptitude, including the ability to understand unfamiliar technical scenarios, identify related threats, assess risk, and develop an educated opinion on security requirements
  • Capable of independently leading complex projects involving engagement with stakeholders from multiple disciplines and comprehensive collections of desired outcomes
  • Able to work effective in a team setting by understanding diverse perspectives, demonstrating technical competence, establishing rapport, professionally asserting a position, and influencing key decisions & actions to achieve positive outcomes
  • Able to exercise sound judgement and make complex decisions based on best-practices and established standards
  • Able to impart complex concepts to technical & non-technical colleagues in a concise, accurate, and complete manner in both written and verbal forms
  • Proven track record of delivering successful outcomes for challenging projects
  • Demonstrated history of being mission-focused, creative, detail-oriented, organized, and collaborative
  • Demonstrated dedication to training, self-paced study, and maintaining proficiency in the cybersecurity domain
  • Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach

 

PREFERRED QUALIFICATIONS

  • Extensive experience leading threat remediation projects for a global enterprise
  • Experience establishing and developing cybersecurity functions within a large organization
  • Expert-level knowledge of information security principles and standards
  • Experience using frameworks such as the Lockheed Martin Cyber Kill Chain, Diamond Model, and MITRE ATT&CK to model & analyze threat activity
  • Familiarity with common approaches to automating processes to reduce manual effort and optimize workflows
  • Security certifications such as CISSP, CISM, CISA, GCIA, GCIH, Security+, or similar

 

PHYSICAL/MENTAL REQUIREMENTS

  • Ability to perform complex data analysis

ABOUT THE COMPANY

HOW TO APPLY

bottom of page