Pfizer Jobs

Job Information

Pfizer Senior Manager, Security Engineer in Remote, United Kingdom


Pfizer's Digital Solutions and Enablement team (DS&E) build, configure, launch and support all externally facing digital (web, mobile, omni-channel, & device) products, platforms, services, and experiences, servicing all external customer types at Pfizer. We are accountable for all Marketing Technology inclusive of Digital Platforms, Digital Channel Enablement, Content Integration, Marketing/Marketer Tools and for driving Digital Enablement within Pfizer, including Robotic Process Automation, Intelligent Assistants and Workforce Productivity tools. We deliver the digital assets our business needs in order to deliver our mission of patient value via groundbreaking commercial and technical solutions. As Sr Manager, Security Engineer, you will be accountable for ensuring the security of assets managed by the DS&E team (incl. platforms, applications and data). You will work alongside project and product teams, providing guidance and driving adherence to security best practices. We need an individual with considerable knowledge of security principles, and the expertise to put robust security frameworks in place. You must be a vocal advocate of security in all aspects of platform development/support, embedding a culture that considers security as an integral and constant habit, not a gate or an afterthought.


In this role, you will be expected to: Establish close partnerships with Pfizer Global Infosecurity, DS&E Engineering, and DS&E Operations colleagues, ensuring alignment in all areas of security (incl. security requirements, tooling, acceptable operational practices/procedures, and the strategic direction of security assurance). Integrate into project/product teams, promoting security by design at an early stage, and helping teams fully embrace DevSecOps and the shift-left mentality. Support product owners/stakeholders in understanding security considerations that may affect the functional requirements. Work with developers/operations to consider threat vectors and create, review, and implement secure designs, collaborating with project/test leads to ensure appropriate security test coverage. Manage outsourced suppliers providing security functions. Oversee the creation of incident response and recovery plans for DS&E assets, ensuring that security announcements, CVEs and potential flaws or issues are acted on by teams in a timely and efficient manner. Take appropriate risks to advance processes, break new ground, discover unknown risk and continuously improve the DS&E Team's security posture.


Extensive relevant experience as an information technology professional in roles such as a security analyst or other cybersecurity role, software developer, systems engineer, computer engineer, engineering lead, technical team lead. Strong technical knowledge of security principles and their application within an Enterprise environment


Bachelor of Science degree in Information Security, Information Management, Computer Science, Engineering, Technology Management or relevant discipline. Proven relevant experience in an Information Security role designing, delivering and securing large-scale, global systems & applications across multiple hardware and software platforms. Information Security Certification. Familiarity with some of the following technologies: AWS, PHP, Python, Drupal, Apache, nginx, Laravel, Go, Mulesoft, Java, MySQL, PostgreSQL, Couchbase, MongoDB, Javascript, NodeJS, Angular, Ionic, VueJS, Docker, Ansible, Kong, TravisCI, JIRA, Jenkins, Maven, Grafana, Sensu, Prometheus, Elasticsearch, Logstash, Redis, Memcached, Kibana, Composer, NPM.


Demonstrable industry experience. Deep knowledge of, and ability to convey, information security concepts and practical measures to both technical and non-technical audiences. Experience managing contract or colleague resources in large multi skilled teams.


Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.