Pfizer Logo

Pfizer

Manager, Business Information Security Office​

Posted Yesterday
Be an Early Applicant
In-Office
Chortiatis
Mid level
In-Office
Chortiatis
Mid level
Serve as the primary cybersecurity liaison for assigned business functions, embedding security into initiatives and technology programs. Lead risk identification, assessments, control applicability, remediation planning, and reporting. Coordinate with security, privacy, legal, and third-party teams, support audit and regulatory readiness, drive cybersecurity awareness and adoption, and improve the BISO operating model and governance processes.
The summary above was generated by AI
ROLE SUMMARY
Our Global Cybersecurity Governance, Risk, and Compliance (GRC) team provides comprehensive blueprints for cybersecurity excellence by embedding governance, risk management, and compliance into every layer. The team is responsible for ensuring risk-based decision-making is used, and that security, privacy, and regulatory compliance is integrated seamlessly with Pfizer's organization.
We are seeking an experienced Manager, Business Information Security Office (BISO) to serve as a trusted cybersecurity advisor and liaison between the Cybersecurity organization and business stakeholders. This role will support the integration of cybersecurity requirements into business initiatives, technology programs, and risk decisions while helping ensure alignment with enterprise policies, standards, regulatory expectations, and industry best practices.
ROLE RESPONSIBILITIES
  • Serve as a primary cybersecurity point of contact for assigned business functions, providing guidance on cyber risk, policy requirements, and control expectations.

  • Partner with business, digital, product, quality, privacy, legal, and compliance stakeholders to embed cybersecurity into business processes, technology initiatives, and transformation programs.
  • Support the identification, assessment, and communication of cybersecurity risks impacting business operations, critical assets, data, and third-party relationships.
  • Facilitate cybersecurity engagement across key business initiatives, including solution profiling, risk assessments, control applicability, and remediation planning.
  • Translate cybersecurity policies, standards, and regulatory requirements into practical business guidance and actionable requirements.
  • Monitor and report on cybersecurity risk posture, compliance status, open issues, exceptions, and remediation progress for assigned business areas.
  • Coordinate with Cyber GRC, security architecture, privacy, third-party risk, incident response, and technology teams to ensure consistent risk management practices.
  • Support business readiness for audits, inspections, regulatory inquiries, and internal assessments by coordinating responses and evidence collection.
  • Advise business stakeholders on cybersecurity implications related to new technologies, process changes, data use, cloud adoption, and vendor engagements.
  • Drive awareness and adoption of cybersecurity requirements, including data protection, access management, secure technology use, and risk acceptance processes.
  • Identify recurring control gaps, risk themes, and process improvement opportunities across business functions.
  • Prepare executive-ready reporting, metrics, dashboards, and briefing materials for business leadership and cyber governance forums.
  • Contribute to the ongoing enhancement of the BISO operating model, engagement processes, governance routines, and stakeholder communications.
  • Promote a risk-based, business-aligned cybersecurity culture that enables innovation while protecting company assets, regulated data, and critical operations.

BASIC QUALIFICATIONS
  • Bachelor's degree in Cybersecurity, Information Technology, Risk Management, Business, or a related field.
  • 4+ years of experience in cybersecurity, technology risk, information security, IT governance, compliance, or related disciplines.
  • Experience partnering with business stakeholders to assess cyber risk, communicate requirements, and support remediation activities.
  • Strong understanding of cybersecurity frameworks, policies, and controls, such as NIST CSF, ISO 27001, CIS Controls, or related industry standards.
  • Ability to translate complex technical and risk concepts into clear, business-relevant messaging.
  • Strong stakeholder management, communication, facilitation, and influencing skills.
  • Experience with GRC platforms, risk registers, control assessment processes, audit support, or exception management is preferred.
  • Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

PREFERRED QUALIFICATIONS
  • Relevant professional certifications (e.g., CISSP, CISA, CRISC, CISM, or similar) preferred
  • Familiarity with regulatory and compliance expectations in a highly regulated environment; pharmaceutical, healthcare, life sciences, or GxP experience is a plus.
  • Business-minded cybersecurity professional with a practical, risk-based approach.
  • Strong relationship builder who can operate effectively across technical, business, and executive audiences.
  • Comfortable working in a matrixed, global, and regulated environment.
  • Detail-oriented with strong follow-through, documentation, and issue management skills.
  • Proactive, collaborative, and able to balance risk management with business enablement.

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS
  • Travel as required by the business (less than 20% domestic and/or international)
  • Work Location Assignment: Must be able to work in assigned Pfizer office 2-3 days per week, or as needed by the business

Work Location Assignment: Hybrid
Please apply by sending your CV and a motivational letter in English
Purpose
Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let's start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms - allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
Disability Inclusion
Our mission is unleashing the power of all our people and we are proud to be a disability inclusive employer, ensuring equal employment opportunities for all candidates. We encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments to support your application and future career. Your journey with Pfizer starts here!
Pfizer endeavors to make www.pfizer.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process and/or interviewing, please email [email protected]. This is to be used solely for accommodation requests with respect to the accessibility of our website, online application process and/or interviewing. Requests for any other reason will not be returned.
To learn more about acceptable and prohibited uses of AI during the recruitment process, please review our candidate AI-use guidelines available on Pfizer Careers .
Information & Business Tech

Similar Jobs at Pfizer

Yesterday
In-Office
Mid level
Mid level
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Lead and deliver high-quality payroll operations across EMEA, ensuring accurate, compliant, and timely payroll processing. Manage day-to-day payroll activities, controls, audits, reporting, and escalations; drive process improvements and automation; coordinate with stakeholders and vendors; train and coach team members; monitor KPIs and maintain up-to-date documentation and regulatory compliance.
Top Skills: AdpPayroll Accuracy Tracker (Pat)SAPSap PayrollServicenowTime And Attendance SystemsWorkday
3 Days Ago
In-Office
Senior level
Senior level
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
The Cloud Engineer will enhance cloud infrastructure, develop automation workflows, ensure security compliance, and collaborate on cloud solutions. Ideal candidates have cloud engineering experience and proficiency in Infrastructure as Code.
Top Skills: AWSAzureGCPGithub ActionsOpentofuPythonSpaceliftTerraform
Senior level
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Execute proactive threat hunts, develop and tune detection use cases, analyze security telemetry and alerts, collaborate with SOC/IR and threat intelligence teams, document methodologies, and improve detection tooling and metrics across on‑premises, cloud, and hybrid environments.
Top Skills: BashCrowdstrikePowershellPythonSQL

What you need to know about the Melbourne Tech Scene

Home to 650 biotech companies, 10 major research institutes and nine universities, Melbourne is among one of the top cities for biotech. In fact, some of the greatest medical advancements were conceptualized and developed here, including Symex Lab's "lab-on-a-chip" solution that monitors hormones to predict ovulation for conception, and Denteric's vaccine for periodontal gum disease. Yet, the thousands of people working in the city's healthtech sector are just getting started, to say nothing of the tech advancements across all other sectors.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account