Director, Cyber Governance Risk and Compliance ACD Deal Lead

ROLE SUMMARY

Our Global Cybersecurity Governance, Risk, and Compliance (GRC) team defines the blueprint for cybersecurity excellence by embedding governance, risk management, and compliance into every layer of the organization. The team enables consistent, risk-based decision-making and ensures that security, privacy, and regulatory requirements are seamlessly integrated across Pfizer's global operations.

We are seeking an experienced Director to serve in a strategic leadership role within the Security GRC organization, acting as the primary security representative for mergers, acquisitions, and divestitures. This role is accountable for ensuring security risk identification, regulatory alignment, and secure integration across the full transaction lifecycle-from diligence through post-close execution-while enabling business agility and growth.

The Director will partner closely with global stakeholders, including Digital, Legal, Privacy, Finance, and the Digital ACD PMO, to ensure M&A Digital and Technology services are forecasted, planned, designed, deployed, operated, and supported in a manner that meets IT general controls, cybersecurity standards, and regulatory requirements.

ROLE RESPONSIBILITIES

• Serve as a cybersecurity and technology risk advisor to Digital & Technology and business integration stakeholders, enabling informed decisions aligned to enterprise risk appetite and regulatory expectations

• Embed security-by-design and compliant-by-design principles into the ACD operating model across strategy, solution delivery, operations, and lifecycle management

• Translate cybersecurity strategy, policies, and control requirements into practical, business-aligned guidance that supports agile and product-centric delivery

• Identify, assess, and manage information security and technology risks with Digital & Technology leaders, ensuring risks are mitigated, accepted, or escalated with clear ownership

• Provide independent risk insight, control assurance for Digital & Technology services and solutions

• Partner with CISO, Privacy, Legal, Compliance, and Audit teams to support audit readiness, regulatory inspections, and remediation execution

• Monitor risk posture and control effectiveness using KPIs/KRIs, driving targeted remediation and continuous improvement initiatives

• Promote a strong culture of security, accountability, and risk ownership across cross-functional and matrixed teams

• Simplify risk and compliance processes to enable secure delivery at speed, improving standardization and reuse of proven patterns and playbooks

• Support delivery of CISO Infrastructure & Cloud services across ACD transactions, providing backup coverage across all phases (pre-close, Day 1, steady state, exit), shaping secure and scalable solutions, and translating transaction requirements into repeatable delivery patterns with CISO service owners

• Enable execution excellence and operational rigor, including risk, dependency, and issue management across matrixed teams, continuous improvement of ACD operating models and playbooks, and support for financial, vendor, and resource governance under the execution lead

BASIC QUALIFICATIONS

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field

• 8+ years of progressive experience in cybersecurity, governance, risk management, or compliance roles

• 5+ years of experience in a M&A setting supporting cybersecurity governance, policy, or risk management programs at scale

• Experience in a highly matrixed organization to support and drive strategic initiatives

• Excellent Communication skills, capable of succinctly defining the problem and delivering options for addressing potential compliance gaps

• Experience with implementing controls aligned to principles, and concepts of regulatory compliance, and of pharmaceutical regulations

• Excellent in-depth understanding and working experience with compliance guidelines and regulations such as SOX, FDA GxP regulations, and Domestic/International privacy laws (i.e. PCI DSS, MA201, Safe Harbor, etc.)

• Excellent stakeholder management skills and organizational skills

• Ability to work independently and manage multiple priorities

PREFERRED QUALIFICATIONS

• Professional certifications: CISSP, CISM, CRISC or similar

• Excellent strategic thinking

• Deeply analytical and credible

• Fact-based decision-making

Candidate demonstrates a breadth of diverse leadership experiences and capabilities including: the ability to influence and collaborate with peers, develop and coach others, oversee and guide the work of other colleagues to achieve meaningful outcomes and create business impact.

PHYSICAL/MENTAL REQUIREMENTS

Extensive computer use

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

Flexible working hours to accommodate global time zones

Requires 10-15% travel, primarily between Pfizer locations (Groton, Collegeville, NYHQ), support unexpected / unannounced site inspections from regulatory authorities, and ACD transaction travel as required

Work Location Assignment: Hybrid

Last Date to Apply for Job: 6/23/2026

The annual base salary for this position ranges from $162,900.00 to $271,500.00. In addition, this position is eligible for participation in Pfizer's Global Performance Plan with a bonus target of 20.0% of the base salary and eligibility to participate in our share based long term incentive program. We offer comprehensive and generous benefits and programs to help our colleagues lead healthy lives and to support each of life's moments. Benefits offered include a 401(k) plan with Pfizer Matching Contributions and an additional Pfizer Retirement Savings Contribution, paid vacation, holiday and personal days, paid caregiver/parental and medical leave, and health benefits to include medical, prescription drug, dental and vision coverage. Learn more at Pfizer Candidate Site - U.S. Benefits | (uscandidates.mypfizerbenefits.com). Pfizer compensation structures and benefit packages are aligned based on the location of hire. The United States salary range provided does not apply to Tampa, FL or any location outside of the United States.

Relocation assistance may be available based on business needs and/or eligibility.

Candidates must be authorized to be employed in the U.S. by any employer.

U.S. work visa sponsorship (such as TN, O-1, H-1B, etc.) is not available for this role now or in the future.

Sunshine Act

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.

EEO & Employment Eligibility

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer. This position requires permanent work authorization in the United States.

Pfizer endeavors to make accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process and/or interviewing, please email View email address on click.appcast.io. This is to be used solely for accommodation requests with respect to the accessibility of our website, online application process and/or interviewing. Requests for any other reason will not be returned.

To learn more about acceptable and prohibited uses of AI during the recruitment process, please review our candidate AI-use guidelines available on Pfizer Careers.

Information & Business Tech