Associate, Third Party Risk Management

ROLE SUMMARY
Our Global Governance, Risk, and Compliance (GRC) team provides comprehensive blueprints for cybersecurity excellence by embedding governance, risk management, and compliance into every layer. The team is responsible for ensuring risk-based decision-making is used and that security, privacy, and regulatory compliance is integrated seamlessly with Pfizer's organization.
We are looking for an Associate to join our Third-Party Risk Management team, supporting key activities such as due‑diligence reviews, audit support, and maintaining accurate vendor risk records. This role involves engaging with third parties to complete risk assessments, collecting required evidence, ensuring updates are captured, and maintaining visibility into third‑party risks.
ROLE RESPONSIBILITIES

• Support the end‑to‑end lifecycle of cyber TPRM assessments: intake, scoping, due diligence, risk evaluation, documentation, remediation tracking, and closure.
• Assist in maintaining TPRM documentation, templates, and processes to support a consistent approach across vendors.
• Support vendor assessments by gathering security documents, reviewing information, and highlighting gaps that differ from the policies.
• Assist with due‑diligence activities by sending questionnaires, tracking responses, and ensuring information is complete.
• Assist and track remediation plans and due dates with vendors and internal stakeholders for identified gaps.
• Track open items through to closure, ensuring evidence meets documentation standards.
• Assist with periodic reassessments and continuous monitoring activities for higher‑risk vendors, including change‑triggered reviews (e.g., new data types, expanded scope, incidents, acquisitions).
• Produce and maintain TPRM operational metrics and dashboards.

BASIC QUALIFICATIONS

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field OR equivalent practical experience.
• 1-2 years of experience in information security, risk, compliance, information protection, or related disciplines.
• Experience with audits, assessments or compliance reviews.
• Excellent collaboration and interpersonal skills, with the ability to work effectively across levels and functions to support program objectives.
• Experience reviewing documents, questionnaires, or technical evidence with attention to detail.
• Strong business communication skills and organizational skills with the ability to manage multiple assessments/tasks in parallel.

PREFERRED QUALIFICATIONS

• Experience working in pharmaceuticals industry.
• Professional certifications such as CISSP, CISM, CRISC, CISA, PMP, or similar.
• Experience with GRC/TPRM tools (e.g., Archer).
• Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

• Travel as required by the business (less than 20% domestic and/or international)
• Work Location Assignment: Must be able to work in assigned Pfizer office 2-3 days per week, or as needed by the business

Please apply by sending your CV in English.
Work Location Assignment: Hybrid
Purpose
Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let's start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms - allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
Disability Inclusion
Our mission is unleashing the power of all our people and we are proud to be a disability inclusive employer, ensuring equal employment opportunities for all candidates. We encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments to support your application and future career. Your journey with Pfizer starts here!
Pfizer endeavors to make www.pfizer.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process and/or interviewing, please email [email protected]. This is to be used solely for accommodation requests with respect to the accessibility of our website, online application process and/or interviewing. Requests for any other reason will not be returned.
To learn more about acceptable and prohibited uses of AI during the recruitment process, please review our candidate AI-use guidelines available on Pfizer Careers .
Information & Business Tech