Pfizer's Digital Solutions and Enablement team are accountable for the creation, configuration, launch, and support of all externally facing digital (web, mobile, omni-channel, & device) products, platforms, services, and experiences, servicing all external customer types at Pfizer.
In addition, the DSE team is accountable for our Marketing Technology (Martech stack) inclusive of Digital Platforms, Digital Channel Enablement, Content Integration, and Marketing/Marketer Tools and for driving Digital Enablement within Pfizer, including Robotic Process Automation, Intelligent Assistants and Workforce Productivity tools.
The Sr Manager, Security Engineer is accountable for ensuring the security of assets managed by the DS&E team (incl. platforms, applications and data). They work alongside project and product teams, providing guidance and driving adherence to security best practices.
The Rapid Response team are tasked with resolving highly impactful and complex events. These incidents include but are not limited to security Incident, e.g. emergency security patching of systems, Quarantine, Lockdown, response to DDoS attack or breach and High Visibility Operational Outage, e.g. primary DS&E system is taken offline.
In addition to situation resolution the role is tasked with identifying proactively finding and resolving weaknesses in our infrastructure and platforms, in collaboration with Pfizer Global Infosecurity, DS&E Engineering, and DS&E Operations colleagues.
This position requires an individual with considerable knowledge of security principles, and the expertise to put robust security frameworks in place. They must be a vocal advocate of security in all aspects of platform development/support, embedding a culture that considers security as an integral and constant habit, not a gate or an afterthought.
The Sr Manager, Security Engineer will be expected to:
* Establish close partnerships with Pfizer Global Infosecurity, DS&E Engineering, and DS&E Operations colleagues, ensuring alignment in all areas of security (incl. security requirements, tooling, acceptable operational practices/procedures, and the strategic direction of security assurance). * Integrate into project/product teams, promoting security by design at an early stage, and helping teams fully embrace DevSecOps and the shift-left mentality. * Support product owners/stakeholders in understanding security considerations that may affect the functional requirements. * Work with developers/operations to consider threat vectors and create, review, and implement secure designs, collaborating with project/test leads to ensure appropriate security test coverage. * Manage outsourced suppliers providing security functions. * Oversee the creation of incident response and recovery plans for DS&E assets, ensuring that security announcements, CVEs and potential flaws or issues are acted on by teams in a timely and efficient manner. * Take appropriate risks to advance processes, break new ground, discover unknown risk and continuously improve the DS&E Team's security posture.
* Bachelor Degree and a minimum of 7 years relevant experience as an information technology professional in roles such as a security analyst or other cybersecurity role, software developer, systems engineer, computer engineer, engineering lead, technical team lead. * Strong technical knowledge of security principles and their application within an Enterprise environment
Demonstrable industry experience. Deep knowledge of, and ability to convey, information security concepts and practical measures to both technical and non-technical audiences.
Experience managing contract or colleague resources in large multi skilled teams.
NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS
Travel will be required as part of this role as it is a virtual position. Expectations around travel will vary but you will need to be capable of travel within the region and to other regions.
Our business is a 7x24x365 endeavor. This role may on occasion require physical or virtual participation on a weekend, holiday, or after normal business hours.
EEO & Employment Eligibility
Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer.
Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.
Other Job Details:
* Last Date to Apply for Job: July 9, 2019
Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.
Pfizer is a research-based biopharmaceutical company engaged in the discovery, development, manufacture, and distribution of healthcare products.