Why Patients Need You

Technology impacts everything we do. Pfizer's digital and 'data first' strategy focuses on implementing impactful and innovative technology solutions across all functions from research to manufacturing. Whether you are digitizing drug discovery and development, identifying solutions, or making our work easier and faster, you will be making a difference to countless lives.

What You Will Achieve

Pfizer's Global Information Security (GIS) organization delivers proactive cyber defense for the global enterprise. Our mission is to secure all of Pfizer's digital information assets ranging from our scientific breakthroughs to the manufacturing floor, and out to the patients we serve. We achieve this mission through a combination of world-class talent, top-tier technologies, industry leading best practices, and the promotion of a cybersecurity ownership culture across the company.

Strong identity and access controls are vital to the security and operational resilience of Pfizer. We are seeking an experienced Director for Identity Governance to lead strategic and tactical initiatives, ensuring robust identity and access controls within our organization. This role involves developing and maintaining IAM strategies, overseeing compliance and audit requirements, and guiding complex IAM projects. The ideal candidate will have a strong background in IAM, audit, and compliance, coupled with leadership experience in managing cross-functional teams.

This role reports to the Senior Director, Identity and Access Management (IAM) and requires a balance of strategic thinking, strong communication and leadership skills and broad technical expertise across cloud, on-premises, IaaS, and SaaS environments.

How You Will Achieve It

• Leadership and Strategy : Develop and execute a comprehensive identity governance strategy that aligns with the organization's overall IT security framework and business objectives. Develop, review, and maintain a backlog of strategic and tactical IAM initiatives aimed at reducing risk, enhancing usability, and improving operational effectiveness. Develop security strategies and conduct technical feasibility studies, ensuring adherence to security, compliance, and audit requirements.

• Governance Model Oversight: Review and refine the Identity and Access Governance Model to ensure it aligns with organizational goals and regulatory requirements.

• Policy and Standards Management: Write, review, and enforce IAM policies, standards, and processes that support business, security, and regulatory needs. Ensure end-to-end IAM processes are standardized and aligned with policies.

• Cross-Functional Collaborations: Work with internal stakeholders to define requirements, prioritize initiatives, and ensure alignment with organization objectives.

• Project Management: Lead and manage complex IAM projects, including defining objectives, setting milestones, writing status reports, and ensuring timely and successful implementation. Develop and deliver training programs to educate employees and contractors on IAM systems, policies, and procedures, ensuring effective compliance and understanding across the organization.

• Identity Governance :Collaborate with teams to manage role-based access (RBAC), entitlement management, and the review and certification of access rights. Work closely with the IAM Lifecycle Management Team and the IAM PAM team.

• Metrics and Reporting: Establish key performance indicators (KPIs) and metrics to assess the effectiveness and adoption of IAM systems, programs, and processes. Regularly produce and present comprehensive reports to leadership, highlighting progress, challenges, and opportunities for improvement in identity and access management initiatives. Utilize data analytics to drive insights into governance, risk, and compliance and to support decision making.

• Audit and Compliance : Serve as the IAM direct interface for internal and external audits and global regulatory exams or certifications. Ensure compliance and reporting deadlines are met.

Qualifications

Must-Have

• Bachelor's degree in a relevant discipline.

• 10+ years of experience in IT/IAM/cybersecurity in a corporate environment.

• 5+ years of experience focused specifically identity governance and administration (IGA) in organizations with greater than 10,000 users.

• Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

• Experience with Agile methodologies and corresponding Agile based tools.

• Proven track record of leading teams, managing cross-functional projects, and interacting with senior stakeholders. Experience in managing both direct reports and external service providers.

• In-depth experience with IAM/IGA solutions and platforms.

• Extensive knowledge of global laws and regulations. In-depth understanding of regulatory requirements and industry standards related to data protection and privacy, including GxP, GDPR, CCPA, HIPAA, and SOX.

• Proven track record in managing compliance and audit requirements within IAM frameworks.

• Proficiency with related security technologies and practices, including Identity and Access Management (IAM), Multi-Factor Authentication (MFA), Single Sign-On (SSO), and threat detection.

• Proven experience in developing, implementing, and enforcing security policies and procedures to ensure compliance with applicable laws and regulations.

• Experience in conducting or overseeing internal and external audits and regulator exams.

• Demonstrated experience in writing policies and standards.

• Demonstrated ability to develop and execute strategic plans that align with organizational goals and industry best practices.

• Excellent verbal and written communication skills, with the ability to effectively present complex technical concepts to non-technical stakeholders and senior management.

• Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security risks and operational challenges.

• Ability to work collaboratively across various departments and teams, fostering a culture of security awareness and continuous improvement.

• Candidate demonstrates a breadth of diverse leadership experiences and capabilities including: the ability to influence and collaborate with peers, develop and coach others, oversee and guide the work of other colleagues to achieve meaningful outcomes and create business impact.

Nice-to-Have

• Professional certifications such as CISSP, CISA, CISM, CIAM, or CRISC are highly desirable.

• Prior roles in compliance and audit are desirable.

Non-Standard Work Schedule, Travel, or Environment Requirements

• Periodic international and domestic travel required (less than 5%).

Other Job Details:

• Last Day to Apply: September 20, 2024

• Work Location Assignment: Onsite 2 - 3 days per week or as needed by the business

The annual base salary for this position ranges from $161,600.00 to $269,400.00.* In addition, this position is eligible for participation in Pfizer's Global Performance Plan with a bonus target of 20.0% of the base salary and eligibility to participate in our share based long term incentive program. We offer comprehensive and generous benefits and programs to help our colleagues lead healthy lives and to support each of life's moments. Benefits offered include a 401(k) plan with Pfizer Matching Contributions and an additional Pfizer Retirement Savings Contribution, paid vacation, holiday and personal days, paid caregiver/parental and medical leave, and health benefits to include medical, prescription drug, dental and vision coverage. Learn more at Pfizer Candidate Site - U.S. Benefits | (uscandidates.mypfizerbenefits.com). Pfizer compensation structures and benefit packages are aligned based on the location of hire. The United States salary range provided does not apply to Tampa, FL or any location outside of the United States.

• The annual base salary for this position in Tampa, FL ranges from $145,400.00 to $242,400.00.

Relocation assistance may be available based on business needs and/or eligibility.

Sunshine Act

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.

EEO & Employment Eligibility

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer. This position requires permanent work authorization in the United States.

Information & Business Tech

#LI-PFE