Associate, Technical Information Security Enablement

Our Global Governance, Risk, and Compliance (GRC) team provides comprehensive blueprints for cybersecurity excellence by embedding governance, risk management, and compliance into every layer. The team is responsible for ensuring risk-based decision-making is used and that security, privacy, and regulatory compliance is integrated seamlessly with Pfizer’s organization.

We are seeking a motivated Technical Information Security Enablement Associate who will service as a key security point‑of‑contact for business and technology stakeholders, responsible for executing technical risk assessments, advising on security controls, and enabling risk‑informed decision‑making. This role is ideal for someone who enjoys bridging technical security concepts and business context in a highly regulated industry.

ROLE RESPONSIBILITIES

• Act as a Technical Information Security Enablement analyst for assigned business units, programs, or technology domains.


• Support as a cybersecurity risk advisor for business and IT stakeholders, translating security requirements into practical guidance.


• Participate in project discussions, design reviews, and planning forums to ensure security and risk considerations are embedded early.


• Collaborate with Infrastructure, Cloud Services, Data, AI, Quality, Privacy, and Business leaders.


• Support the execution of cybersecurity and technology risk assessments.


• Assist technology and business owners to define risk treatment plans, including remediation actions, compensating controls, and timelines.


• Support risk acceptance and exception processes, ensuring decisions are well‑documented, time‑bound, and aligned with governance standards.


• Track and follow up on remediation commitments to closure.

BASIC QUALIFICATIONS

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, Risk Management, or related field OR equivalent practical experience.


• 1-2 years of experience in information security, risk, compliance, information protection, or related disciplines.


• Demonstrated ability to communicate technical risk to business audiences.


• Strong analytical, documentation, and organizational skills.

PREFERRED QUALIFICATIONS

• Experience in pharmaceutical, biotech, or other highly regulated industries.


• Exposure to risk assessments, threat modeling, or design reviews.


• Professional certifications such as CISSP, CISM, CRISC, CISA, ethical hacking, or similar.


• Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

• Travel as required by the business (less than 20% domestic and/or international).


• Work Location Assignment: Must be able to work in assigned Pfizer office 2-3 days per week, or as needed by the business.

Please apply by sending your CV in English.

Work Location Assignment: Hybrid