Senior Manager, Offensive Security

ROLE SUMMARY
Our Global Cyber Defense team is responsible for safeguarding Pfizer's digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud, and hybrid environments.
The Senior Manager, Offensive Security is responsible for leading enterprise offensive security capabilities that proactively identify, validate, and prioritize security weaknesses across the digital environment. Reporting to the Director of Threat & Exposure Management, this role oversees activities such as penetration testing, red and purple team exercises, and adversary simulation to continuously assess the organization's exposure to real‑world threats. Operating within a highly regulated pharmaceutical environment, the role partners closely with detection, remediation, engineering, and risk teams to translate offensive findings into measurable risk reduction and improved defensive outcomes.
ROLE RESPONSIBILITIES

• Lead the offensive security capability, including strategy, roadmap, and execution of enterprise penetration testing, red teaming, and adversary simulation activities.
• Plan and oversee offensive testing across applications, cloud platforms, networks, and endpoints to identify exploitable weaknesses and control gaps.
• Design and execute threat‑informed testing scenarios aligned to real‑world adversary tactics, techniques, and procedures.
• Partner with Threat Detection, Vulnerability Management, and Remediation teams to validate findings, prioritize exposures, and drive effective risk reduction.
• Partner with Threat Detection team to validate and improve logging, alerting, and response effectiveness.
• Ensure offensive security activities are safely executed, well‑governed, and aligned with legal, regulatory, and operational constraints.
• Lead third‑party penetration testing and red team vendor engagements as needed.
• Develop reporting and metrics that clearly communicate exposure, attack paths, and defensive effectiveness to Cyber Defense leadership.
• Continuously evolve offensive security techniques, tooling, and methodologies to reflect the changing threat landscape.
• Stay current on emerging attacker techniques, tools, and threat actor behaviors relevant to pharma and life sciences.

BASIC QUALIFICATIONS

• Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical discipline, or equivalent hands‑on experience.
• 7+ years of experience in cybersecurity, with significant hands‑on experience in offensive security, penetration testing, or red team operations.
• Strong hands‑on knowledge of:
  
  • Red team and adversary emulation methodologies (MITRE ATT&CK-aligned)
  • Application, cloud, network, and identity penetration testing
  • Social engineering and phishing simulations (where appropriate)
  • Tooling and frameworks commonly used in offensive security
• Solid understanding of modern enterprise environments (cloud, SaaS, hybrid).
• Proven ability to communicate complex technical findings to both technical and executive audiences.
• Experience in leadership and mentoring.
• Experience operating in highly regulated, global environments.
• Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

PREFERRED QUALIFICATIONS

• Experience in pharmaceutical, biotech, life sciences, or similarly regulated industries.
• Experience with cloud-native red teaming (AWS, Azure, GCP) and identity-centric attack paths.
• Familiarity with detection engineering, SIEM/SOAR, and threat intelligence workflows.
• Professional certifications such as OSCP, OSEP, CRTO, CISSP, GIAC, or similar offensive security‑focused credentials.
• Strong communication skills, with the ability to clearly articulate technical risk, attack feasibility, and business impact to senior technical and non‑technical stakeholders.

Please apply by sending your CV in English.
Work Location Assignment: Hybrid
Purpose
Breakthroughs that change patients' lives... At Pfizer we are a patient centric company, guided by our four values: courage, joy, equity and excellence. Our breakthrough culture lends itself to our dedication to transforming millions of lives.
Digital Transformation Strategy
One bold way we are achieving our purpose is through our company wide digital transformation strategy. We are leading the way in adopting new data, modelling and automated solutions to further digitize and accelerate drug discovery and development with the aim of enhancing health outcomes and the patient experience.
Flexibility
We aim to create a trusting, flexible workplace culture which encourages employees to achieve work life harmony, attracts talent and enables everyone to be their best working self. Let's start the conversation!
Equal Employment Opportunity
We believe that a diverse and inclusive workforce is crucial to building a successful business. As an employer, Pfizer is committed to celebrating this, in all its forms - allowing for us to be as diverse as the patients and communities we serve. Together, we continue to build a culture that encourages, supports and empowers our employees.
Disability Inclusion
Our mission is unleashing the power of all our people and we are proud to be a disability inclusive employer, ensuring equal employment opportunities for all candidates. We encourage you to put your best self forward with the knowledge and trust that we will make any reasonable adjustments to support your application and future career. Your journey with Pfizer starts here!
Information & Business Tech