Sr. Director, Security and Compliance

About The Position

Requirements

• Bachelor’s degree required
• 12+ years of experience in Cybersecurity, IT, GRC, compliance, quality, or risk management roles within regulated industries, preferably in pharmaceutical industry
• Experience partnering directly with business leaders in a complex, global organization
• Proven ability to lead complex programs with multiple stakeholders and competing priorities
• Strong understanding of cybersecurity and IT risk management and compliance concepts in a pharmaceutical or life sciences environment
• Excellent communication and interpersonal skills; ability to influence across levels and functions
• CISM, CRISC or CISSP Certification
• Proficiency in project management tools (e.g., Smartsheet, MS Project), data analysis platforms, and MS Office Suite
• Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

Nice To Haves

• Experience supporting GxP-regulated environments (GMP, GCP, GLP) and validated systems – Life Sciences or Consumer Products preferred
• Familiarity with global regulations and standards such as GDPR, HIPAA, SOX, ISO 27001, and NIST
• Experience working with Quality Management Systems (QMS) and regulatory inspection processes
• Professional certifications such as CISSP, CISM, CRISC, or similar
• Strong interpersonal and communication skills
• Ability to translate technical and regulatory requirements into business-friendly guidance
• Executive presence and stakeholder management
• Global mindset and ability to work across cultures
• Collaborative leadership style
• Continuously seeks new knowledge and approaches, leveraging innovation to enhance efficiency, effectiveness and impact
• Candidate demonstrates a breadth of diverse leadership experiences and capabilities including: the ability to influence and collaborate with peers, develop and coach others, oversee and guide the work of other colleagues to achieve meaningful outcomes and create business impact.

Responsibilities

• Business Partnership & Advisory Establish the vision and operational cadence for a team of Security and Compliance Partners who are assigned global business units, regions and functional areas Implement a technology driven solution to support Build strong relationships with senior leaders to integrate security and compliance considerations into business operations and strategic initiatives. Lead the development of practical, risk-based guidance that enables the business to meet regulatory and security requirements while supporting innovation. Partner with key leaders throughout the organization to execute on strategic goals and priorities for the Cyber GRC function.
• Cybersecurity Compliance Oversight Develop and execute a vision to modernize and scale cyber and digital compliance. Ensure alignment with pharmaceutical regulatory requirements, including GxP, data integrity, privacy, and global regulatory expectations. Partner with Quality, Legal, Privacy, and Enterprise Risk Management teams to ensure consistent application of governance and controls. Support the identification, assessment, and management of cybersecurity, IT and compliance risks affecting business processes, systems, and data.
• Regulatory and Audit Support Support internal and external audits, regulatory inspections, and compliance assessments by coordinating business engagement and remediation activities. Help business teams prepare for regulatory inquiries related to cybersecurity, data protection, and system controls. Track and report internal and external findings, remediation progress and risk acceptance decisions. Implement technology-led solutions to streamline audit and inspection processes.
• Leadership, Communication, and Reporting Promote consistent processes, documentation, and reporting while allowing flexibility for local regulatory requirements. Set clear role expectations, performance objectives, and development plans for team members. Foster a culture of collaboration, accountability, and continuous improvement. Provide regular updates to senior leadership on cybersecurity and compliance risks, trends, and key initiatives. Define and monitor key metrics to demonstrate security and compliance posture to leadership. Develop executive and committee-level reporting as needed.

Benefits

• participation in Pfizer’s Global Performance Plan with a bonus target of 22.5% of the base salary and eligibility to participate in our share based long term incentive program
• a 401(k) plan with Pfizer Matching Contributions and an additional Pfizer Retirement Savings Contribution
• paid vacation, holiday and personal days
• paid caregiver/parental and medical leave
• health benefits to include medical, prescription drug, dental and vision coverage