Pfizer Logo

Pfizer

Manager, Vulnerability Management

Posted Yesterday
Be an Early Applicant
In-Office
Chortiatis
Mid level
In-Office
Chortiatis
Mid level
Lead day-to-day vulnerability management across on‑prem, cloud, and hybrid environments: run scans, analyze/prioritize findings, coordinate remediation with engineering and infrastructure teams, track and validate fixes, incorporate threat context, maintain metrics and compliance reporting, and drive continuous process and tooling improvements while managing and guiding vulnerability analysts.
The summary above was generated by AI
ROLE SUMMARY
Our Global Cyber Defense team is responsible for safeguarding Pfizer's digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud, and hybrid environments.
The Manager, Vulnerability Management is responsible for leading the execution of vulnerability management activities to identify, assess, prioritize, and reduce security weaknesses across the enterprise. This role oversees day‑to‑day vulnerability management operations, including scanning, analysis, prioritization, and remediation coordination. The role partners closely with engineering, infrastructure, cloud services, application, and security teams to ensure vulnerabilities are addressed in a timely, risk‑based, and compliant manner to reduce overall cyber exposure.
ROLE RESPONSIBILITIES
  • Lead the day‑to‑day execution of the vulnerability management program, ensuring consistent identification, assessment, and prioritization of vulnerabilities across enterprise environments.
  • Partner with a team of vulnerability management analysts, providing technical guidance.
  • Oversee vulnerability scanning activities across infrastructure, endpoints, cloud platforms, and applications, ensuring coverage and data quality.
  • Translate vulnerability findings into clear, actionable remediation guidance for technical owners, aligned to risk, exploitability, and business impact.
  • Coordinate remediation efforts with Infrastructure, Cloud Services, Engineering, Endpoint Security, and other technology teams to drive timely risk reduction.
  • Partner with Threat Intelligence, Threat Remediation, and Incident Response teams to incorporate threat context and active exploitation signals into prioritization decisions.
  • Track remediation progress, validate closure, and identify recurring issues or systemic control gaps requiring escalation or broader corrective action.
  • Ensure vulnerability management activities align with internal policies, regulatory requirements, and audit expectations.
  • Maintain reporting and metrics on vulnerability trends, remediation performance, and risk posture for Cyber Defense leadership.
  • Drive continuous improvement of vulnerability management processes, tooling, and workflows to increase efficiency, accuracy, and impact.

BASIC QUALIFICATIONS
  • Bachelor's degree in Information Security, Computer Science, Engineering, Information Technology, or a related field, or equivalent practical experience.
  • 4+ years of experience in cybersecurity, with a strong focus on vulnerability management, security operations, or exposure management.
  • Demonstrated responsibility for executing or overseeing vulnerability scanning, assessment, prioritization, and remediation tracking across infrastructure, endpoints, cloud platforms, or applications.
  • Experience translating vulnerability findings into risk‑based remediation guidance for infrastructure, cloud, application, or platform engineering teams.
  • Prior responsibility for coordinating remediation activities, including tracking ownership, validating fixes, managing exceptions, and escalating blocked or overdue items.
  • Familiarity with vulnerability severity, exploitability concepts, and compensating controls used to manage risk when immediate remediation is not feasible.
  • Experience leading analysts or serving as a technical lead responsible for task prioritization, quality assurance, and day‑to‑day delivery.
  • Strong analytical, organizational, and problem‑solving skills.
  • Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

PREFERRED QUALIFICATIONS
  • Familiarity with vulnerability management in cloud or hybrid enterprise environments.
  • Understanding of integrating threat context, exploitability, or attack paths into vulnerability prioritization.
  • Exposure to operating in regulated or highly controlled environments such as healthcare, life sciences, or manufacturing.
  • Experience supporting audit, compliance, or regulatory activities related to vulnerability management.
  • Ability to identify trends and drive process or control improvements over time.
  • Relevant professional certifications in cybersecurity or vulnerability management (e.g., CISSP, CISM, Security+, etc.)

Please apply by sending your CV in English.
Work Location Assignment: Hybrid
Purpose
Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let's start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms - allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
Disability Inclusion
Our mission is unleashing the power of all our people and we are proud to be a disability inclusive employer, ensuring equal employment opportunities for all candidates. We encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments to support your application and future career. Your journey with Pfizer starts here!
Pfizer endeavors to make www.pfizer.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process and/or interviewing, please email [email protected]. This is to be used solely for accommodation requests with respect to the accessibility of our website, online application process and/or interviewing. Requests for any other reason will not be returned.
To learn more about acceptable and prohibited uses of AI during the recruitment process, please review our candidate AI-use guidelines available on Pfizer Careers .
Information & Business Tech

Similar Jobs at Pfizer

6 Hours Ago
In-Office
Mid level
Mid level
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Lead the enterprise information protection and technology privacy program: define strategy, data classification and control frameworks, translate regulatory/privacy/IP obligations into policies, set minimum controls for DLP/encryption/access controls, manage information protection risks and audits, advise business units on privacy assessments across jurisdictions, act as Data Steward and primary technology privacy contact, drive adoption, training, and executive reporting.
Top Skills: Access ControlsArcherDlpEncryptionGrc PlatformsIso 27001Nist Cybersecurity Framework
Yesterday
In-Office
Senior level
Senior level
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Lead design and delivery of enterprise network security across on‑premises, cloud, and hybrid environments. Oversee firewalls, segmentation, remote access, detection technologies, and secure connectivity; partner with SOC, cloud, infrastructure, and OT teams; support incident response; ensure regulatory alignment and continuous improvement through metrics and reporting.
Top Skills: AWSAzureCloud-Native ControlsFirewallsGCPIds/IpsNdrNetwork SegmentationNetwork TelemetryPacket CapturePeeringPrivate ConnectivityProxies/SwgSIEMSoarTransitVpnZtna
2 Days Ago
In-Office or Remote
Expert/Leader
Expert/Leader
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Lead design and deployment of AI agents and workflow automations across Supply & Operations, coach and lead Operational Excellence (Lean/Six Sigma) projects, build OE capabilities, embed continuous improvement and AI-driven workflows into enterprise systems, and lead global OE programs and strategies in External Supply.
Top Skills: Copilot StudioErpLimsMesMicrosoft 365Microsoft CopilotPower AutomatePower BIPower PlatformSharepoint

What you need to know about the Melbourne Tech Scene

Home to 650 biotech companies, 10 major research institutes and nine universities, Melbourne is among one of the top cities for biotech. In fact, some of the greatest medical advancements were conceptualized and developed here, including Symex Lab's "lab-on-a-chip" solution that monitors hormones to predict ovulation for conception, and Denteric's vaccine for periodontal gum disease. Yet, the thousands of people working in the city's healthtech sector are just getting started, to say nothing of the tech advancements across all other sectors.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account