Senior Associate, Cyber Resilience

ROLE SUMMARY

Our Global Governance Risk and Compliance team provides comprehensive blueprints for cybersecurity excellence by embedding governance risk management and compliance into every layer. The team is responsible for ensuring risk-based decision-making is used and that security privacy and regulatory compliance is integrated seamlessly with Pfizers organization.

We are seeking an experienced Senior Associate Resilience to support the development and execution of our cyber resilience and operational preparedness capabilities. This role will play a key part in helping ensure Pfizer can anticipate withstand respond to and recover from cyber disruptions technology failures thirdparty incidents and operational criseswhile maintaining GxP compliance patient safety data integrity and regulatory continuity.

ROLE RESPONSIBILITIES

• Support the development and maintenance of cyber resilience frameworks playbooks and procedures aligned to business continuity disaster recovery and incident response.

• Contribute to cyber incident simulations tabletop exercises and recovery testing to validate organizational readiness.

• Assist in identifying and prioritizing critical business services systems and dependencies to inform resilience planning.

• Collaborate with GRC Digital Manufacturing R&D and Business stakeholders to assess cyber resilience risks and control gaps.

• Support alignment to industry frameworks and regulatory expectations (e.g. NIST CSF GxP considerations).

• Document evidence and artifacts required for audits assessments and regulatory inquiries.

• Track remediation actions and resilience enhancements across technology process and thirdparty dependencies.

• Analyze incidents and disruption events to identify lessons learned and improvement opportunities.

• Support metrics reporting and dashboards to communicate resilience posture to leadership.

BASIC QUALIFICATIONS

• Bachelors degree required in cybersecurity information systems risk management or related discipline preferred.

• 3 years of experience in information security risk compliance information protection or related disciplines

• Foundational knowledge of cybersecurity concepts incident response and risk management.

• Experience working in regulated industries (pharma life sciences healthcare or manufacturing strongly preferred).

• Strong analytical documentation and stakeholder communication skills.

PREFERRED QUALIFICATIONS

• Relevant certifications such as CISSP CISM CRISC CISA PMP or other governance/risk credentials.

• Familiarity with frameworks such as NIST CSF NIST SP 80053 ISO 22301 or ISO 27001.

• Exposure to GxP validated systems manufacturing environments or OT/ICS risks.

• Experience supporting cyber exercises scenario testing or recovery planning.

Work Location Assignment:Hybrid

Please apply by sending your CV and a motivational letter in English