Director, Cyber Governance Risk and Compliance ACD Deal Lead

ROLE SUMMARY

Our Global Cybersecurity Governance, Risk, and Compliance (GRC) team defines the blueprint for cybersecurity excellence by embedding governance, risk management, and compliance into every layer of the organization. The team enables consistent, risk-based decision‑making and ensures that security, privacy, and regulatory requirements are seamlessly integrated across Pfizer's global operations. We are seeking an experienced Director to serve in a strategic leadership role within the Security GRC organization, acting as the primary security representative for mergers, acquisitions, and divestitures. This role is accountable for ensuring security risk identification, regulatory alignment, and secure integration across the full transaction lifecycle—from diligence through post‑close execution—while enabling business agility and growth. The Director will partner closely with global stakeholders, including Digital, Legal, Privacy, Finance, and the Digital ACD PMO, to ensure M&A Digital and Technology services are forecasted, planned, designed, deployed, operated, and supported in a manner that meets IT general controls, cybersecurity standards, and regulatory requirements.

ROLE RESPONSIBILITIES

Serve as a cybersecurity and technology risk advisor to Digital & Technology and business integration stakeholders, enabling informed decisions aligned to enterprise risk appetite and regulatory expectations Embed security‑by‑design and compliant‑by‑design principles into the ACD operating model across strategy, solution delivery, operations, and lifecycle management Translate cybersecurity strategy, policies, and control requirements into practical, business‑aligned guidance that supports agile and product‑centric delivery Identify, assess, and manage information security and technology risks with Digital & Technology leaders, ensuring risks are mitigated, accepted, or escalated with clear ownership Provide independent risk insight, control assurance for Digital & Technology services and solutions Partner with CISO, Privacy, Legal, Compliance, and Audit teams to support audit readiness, regulatory inspections, and remediation execution Monitor risk posture and control effectiveness using KPIs/KRIs, driving targeted remediation and continuous improvement initiatives Promote a strong culture of security, accountability, and risk ownership across cross‑functional and matrixed teams Simplify risk and compliance processes to enable secure delivery at speed, improving standardization and reuse of proven patterns and playbooks Support delivery of CISO Infrastructure & Cloud services across ACD transactions, providing backup coverage across all phases (pre‑close, Day 1, steady state, exit), shaping secure and scalable solutions, and translating transaction requirements into repeatable delivery patterns with CISO service owners Enable execution excellence and operational rigor, including risk, dependency, and issue management across matrixed teams, continuous improvement of ACD operating models and playbooks, and support for financial, vendor, and resource governance under the execution lead

BASIC QUALIFICATIONS

Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field 8+ years of progressive experience in cybersecurity, governance, risk management, or compliance roles 5+ years of experience in a M&A setting supporting cybersecurity governance, policy, or risk management programs at scale Experience in a highly matrixed organization to support and drive strategic initiatives Excellent Communication skills, capable of succinctly defining the problem and delivering options for addressing potential compliance gaps Experience with implementing controls aligned to principles, and concepts of regulatory compliance, and of pharmaceutical regulations Excellent in‑depth understanding and working experience with compliance guidelines and regulations such as SOX, FDA GxP regulations, and Domestic/International privacy laws (i.e. PCI DSS, MA201, Safe Harbor, etc.) Excellent stakeholder management skills and organizational skills Ability to work independently and manage multiple priorities

PREFERRED QUALIFICATIONS

Professional certifications: CISSP, CISM, CRISC or similar Excellent strategic thinking Deeply analytical and credible Fact‑based decision‑making Candidate demonstrates a breadth of diverse leadership experiences and capabilities including: the ability to influence and collaborate with peers, develop and coach others, oversee and guide the work of other colleagues to achieve meaningful outcomes and create business impact.

PHYSICAL/MENTAL REQUIREMENTS

Extensive computer use NON‑STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS Flexible working hours to accommodate global time zones Requires 10‑15% travel, primarily between Pfizer locations (Groton, Collegeville, NYHQ), support unexpected / unannounced site inspections from regulatory authorities, and ACD transaction travel as required Work Location Assignment: Hybrid The annual base salary for this position ranges from $162,900.00 to $271,500.00. This position is eligible for participation in Pfizer's Global Performance Plan with a bonus target of 20.0% of the base salary and eligibility to participate in our share‑based long‑term incentive program. We offer comprehensive and generous benefits and programs to help our colleagues lead healthy lives and to support each of life's moments. Benefits include a 401(k) plan with Pfizer Matching Contributions and an additional Pfizer Retirement Savings Contribution, paid vacation, holiday and personal days, paid caregiver/parental and medical leave, and health benefits to include medical, prescription drug, dental and vision coverage. Relocation assistance may be available based on business needs and/or eligibility. Candidates must be authorized to be employed in the U.S. by any employer. U.S. work visa sponsorship (such as TN, O‑1, H‑1B, etc.) is not available for this role now or in the future. EEO & Employment Eligibility Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E‑Verify employer. This position requires permanent work authorization in the United States. #J-18808-Ljbffr Pfizer Belgium