Lead and own end-to-end threat remediation across enterprise environments. Translate detection findings into prioritized remediation plans, coordinate with SOC, IR, engineering and business teams, track CAPAs, define remediation KPIs, support audits, and contribute to cyber defense strategy and technology selection.
ROLE SUMMARY
Our Global Cyber Defense team is responsible for safeguarding Pfizer's digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud, and hybrid environments.
The Senior Manager, Threat Remediation is responsible for owning and driving the end‑to‑end remediation of cybersecurity threats across the enterprise. This role sits at the intersection of threat detection, incident response, vulnerability management, offensive security and technology risk, ensuring that identified threats are prioritized, mitigated, and resolved in a timely, risk‑based, and compliant manner.
This role will work closely with the SOC, Cloud Services, Infrastructure, End User Computing, Engineering, GRC, Legal, Privacy, and Business stakeholders to reduce cyber risk and improve the organization's overall security posture.
ROLE RESPONSIBILITIES
BASIC QUALIFICATIONS
PREFERRED QUALIFICATIONS
Please apply by sending your CV and a motivational letter in English.
Work Location Assignment: Hybrid
Purpose
Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let's start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms - allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
Disability Inclusion
Our mission is unleashing the power of all our people and we are proud to be a disability inclusive employer, ensuring equal employment opportunities for all candidates. We encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments to support your application and future career. Your journey with Pfizer starts here!
Pfizer endeavors to make www.pfizer.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process and/or interviewing, please email [email protected]. This is to be used solely for accommodation requests with respect to the accessibility of our website, online application process and/or interviewing. Requests for any other reason will not be returned.
To learn more about acceptable and prohibited uses of AI during the recruitment process, please review our candidate AI-use guidelines available on Pfizer Careers .
Information & Business Tech
Our Global Cyber Defense team is responsible for safeguarding Pfizer's digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud, and hybrid environments.
The Senior Manager, Threat Remediation is responsible for owning and driving the end‑to‑end remediation of cybersecurity threats across the enterprise. This role sits at the intersection of threat detection, incident response, vulnerability management, offensive security and technology risk, ensuring that identified threats are prioritized, mitigated, and resolved in a timely, risk‑based, and compliant manner.
This role will work closely with the SOC, Cloud Services, Infrastructure, End User Computing, Engineering, GRC, Legal, Privacy, and Business stakeholders to reduce cyber risk and improve the organization's overall security posture.
ROLE RESPONSIBILITIES
- Own the threat remediation lifecycle, from intake of identified threats (incidents, alerts, vulnerabilities, control gaps) through containment, mitigation, and closure.
- Translate threat intelligence, SOC findings, red team results, penetration tests, and vulnerability scans into actionable remediation plans.
- Ensure remediation actions are risk‑based, prioritized, and aligned with business impact, regulatory exposure, and threat severity.
- Partner with Incident Response and SOC teams during active incidents to ensure effective containment and eradication strategies.
- Lead post‑incident remediation efforts, ensuring root cause analysis (RCA) is completed and systemic issues are addressed.
- Track and validate completion of corrective and preventive actions (CAPAs) resulting from incidents.
- Work with IT, engineering, and application owners to resolve vulnerabilities while respecting validated system change controls.
- Ensure compensating controls are documented and approved where remediation is constrained due to regulatory or operational limitations.
- Define and report on remediation KPIs and KRIs (e.g., mean time to remediate, overdue critical findings, repeat issues).
- Provide executive‑level reporting on remediation status, risk reduction, and systemic weaknesses.
- Support internal and external audits, regulatory inspections, and security assessments by demonstrating effective remediation governance.
- Partner with detection, threat intelligence, and vulnerability teams to close gaps between detection and remediation.
- Contribute to long‑term cyber defense strategy, including roadmap planning and technology selection.
BASIC QUALIFICATIONS
- Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical discipline, or equivalent experience.
- 7+ years of experience in cybersecurity, with hands-on involvement in remediation, vulnerability management, security engineering, or incident response.
- Strong understanding of:
- Threat actor tactics, techniques, and procedures (MITRE ATT&CK)
- Incident response and containment strategies
- Vulnerability management and remediation workflows
- Cloud security (AWS, Azure, GCP)
- Endpoint, network, identity, and application security
- Familiarity with SOC tooling (SIEM, SOAR, EDR/XDR), vulnerability scanners, and ticketing/workflow systems.
- Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.
- Leadership experience managing or mentoring analysts and engineers.
PREFERRED QUALIFICATIONS
- Working knowledge of GxP, FDA 21 CFR Part 11, EMA, HIPAA, GDPR, and other relevant regulations.
- Familiarity with security frameworks, risk management practices, and regulatory expectations relevant to pharmaceutical or life sciences organizations.
- Professional certifications such as CISSP, CISM, GIAC, or equivalent credentials related to security operations or risk management.
Please apply by sending your CV and a motivational letter in English.
Work Location Assignment: Hybrid
Purpose
Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let's start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms - allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
Disability Inclusion
Our mission is unleashing the power of all our people and we are proud to be a disability inclusive employer, ensuring equal employment opportunities for all candidates. We encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments to support your application and future career. Your journey with Pfizer starts here!
Pfizer endeavors to make www.pfizer.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process and/or interviewing, please email [email protected]. This is to be used solely for accommodation requests with respect to the accessibility of our website, online application process and/or interviewing. Requests for any other reason will not be returned.
To learn more about acceptable and prohibited uses of AI during the recruitment process, please review our candidate AI-use guidelines available on Pfizer Careers .
Information & Business Tech
Similar Jobs at Pfizer
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Deliver end-to-end BI and analytics solutions: design visualizations, report insights, apply Python/SQL, leverage Power BI/Tableau and ETL tools, promote data governance, and use AI/ML to automate and enhance decision-making.
Top Skills:
Ai/MlAlteryxAPIsData WarehousingDataiku DssETLPower BIPythonServicenow Performance AnalyticsSQLTableau
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Support end-to-end third‑party cyber risk assessments including intake, due diligence, risk evaluation, remediation tracking, reassessments, and maintaining TPRM documentation, metrics, and vendor risk records while coordinating with vendors and internal stakeholders.
Top Skills:
Archer
Artificial Intelligence • Healthtech • Machine Learning • Natural Language Processing • Biotech • Pharmaceutical
Serve as a technical security contact for business and IT stakeholders: perform cybersecurity risk assessments, advise on controls, embed security in designs and projects, support risk acceptance and remediation tracking, and collaborate with cloud, data, privacy, and infrastructure teams to enable risk-informed decisions.
What you need to know about the Melbourne Tech Scene
Home to 650 biotech companies, 10 major research institutes and nine universities, Melbourne is among one of the top cities for biotech. In fact, some of the greatest medical advancements were conceptualized and developed here, including Symex Lab's "lab-on-a-chip" solution that monitors hormones to predict ovulation for conception, and Denteric's vaccine for periodontal gum disease. Yet, the thousands of people working in the city's healthtech sector are just getting started, to say nothing of the tech advancements across all other sectors.
