Pfizer
pharmaceutical
SeniorManager,OffensiveSecurity
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Manager, Offensive Security at Pfizer. Skills: offensive security, penetration testing, red team operations, adversary simulation. Lead the offensive security capability, including strategy, roadmap, and execution of enterprise penetration testing, red teaming, and adversary simulation activities.. Plan and oversee offensive testing across applications, cloud platforms, networks, and endpoints to identify exploitable weaknesses and control gaps.”
What You'll Achieve.
proactive threat detection, response, and risk mitigation; proactively identify, validate, and prioritize security weaknesses across the digital environment; continuously assess the organization’s exposure to real‑world threats; translate offensive findings into measurable risk reduction and improved defensive outcomes; drive effective risk reduction; validate and improve logging, alerting, and response effectiveness; clearly communicate exposure, attack paths, and defensive effectiveness to Cyber Defense leadership.
Industry & Context.
proactive problem-solving approach
What They're Looking For.
Must Have
Bachelor's degree in Computer Science, Information Security, Engineering, or a related technical discipline, or equivalent hands-on experience., 7+ years of experience in cybersecurity, with significant hands-on experience in offensive security, penetration testing, or red team operations., hands-on knowledge of Red team and adversary emulation methodologies (MITRE ATT&CK–aligned), hands-on knowledge of Application, cloud, network, and identity penetration testing, hands-on knowledge of Social engineering and phishing simulations (where appropriate), hands-on knowledge of Tooling and frameworks commonly used in offensive security, Solid understanding of modern enterprise environments (cloud, SaaS, hybrid)., Proven ability to communicate complex technical findings to both technical and executive audiences., Experience in leadership and mentoring., Experience operating in highly regulated, global environments., Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.
Nice to Have
Experience in pharmaceutical, biotech, life sciences, or similarly regulated industries., Experience with cloud-native red teaming (AWS, Azure, GCP) and identity-centric attack paths., Familiarity with detection engineering, SIEM/SOAR, and threat intelligence workflows., Professional certifications such as OSCP, OSEP, CRTO, CISSP, GIAC, or similar offensive security‑focused credentials., communication skills, with the ability to clearly articulate technical risk, attack feasibility, and business impact to senior technical and non‑technical stakeholders.
What You'll Do.
Lead the offensive security capability
and execution of enterprise penetration testing
and adversary simulation activities.
Plan and oversee offensive testing across applications
and endpoints to identify exploitable weaknesses and control gaps.
Design and execute threat‑informed testing scenarios aligned to real‑world adversary tactics
Partner with Threat Detection
Vulnerability Management
and Remediation teams to validate findings
and drive effective risk reduction.
Partner with Threat Detection team to validate and improve logging
and response effectiveness.
Ensure offensive security activities are safely executed
and aligned with legal
and operational constraints.
Lead third‑party penetration testing and red team vendor engagements as needed.
Develop reporting and metrics that clearly communicate exposure
and defensive effectiveness to Cyber Defense leadership.
Continuously evolve offensive security techniques
and methodologies to reflect the changing threat landscape.
Stay current on emerging attacker techniques
and threat actor behaviors relevant to pharma and life sciences.
How You'll Work.
Team & Collaboration
Partner closely with detection, remediation, engineering, and risk teams to translate offensive findings into measurable risk reduction and improved defensive outcomes.; Partner with Threat Detection, Vulnerability Management, and Remediation teams to validate findings, prioritize exposures, and drive effective risk reduction.; Partner with Threat Detection team to validate and improve logging, alerting, and response effectiveness.
Communication Scope
Proven ability to communicate complex technical findings to both technical and executive audiences.; communication skills, with the ability to clearly articulate technical risk, attack feasibility, and business impact to senior technical and non‑technical stakeholders.
Process & Methodology
strategy, roadmap, execution of enterprise penetration testing, red teaming, and adversary simulation activities.
Full Job Description
## **ROLE SUMMARY** Our Global Cyber Defense team is responsible for safeguarding Pfizer’s digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud, and hybrid environments. The **Senior Manager, Offensive Security** is responsible for leading enterprise offensive security capabilities that proactively identify, validate, and prioritize security weaknesses across the digital environment. Reporting to the Director of Threat & Exposure Management, this role oversees activities such as penetration testing, red and purple team exercises, and adversary simulation to continuously assess the organization’s exposure to real‑world threats. Operating within a highly regulated pharmaceutical environment, the role partners closely with detection, remediation, engineering, and risk teams to translate offensive findings into measurable risk reduction and improved defensive outcomes. ## **ROLE RESPONSIBILITIES** * Lead the offensive security capability, including strategy, roadmap, and execution of enterprise penetration testing, red teaming, and adversary simulation activities. * Plan and oversee offensive testing across applications, cloud platforms, networks, and endpoints to identify exploitable weaknesses and control gaps. * Design and execute threat‑informed testing scenarios aligned to real‑world adversary tactics, techniques, and procedures. * Partner with Threat Detection, Vulnerability Management, and Remediation teams to validate findings, prioritize exposures, and drive effective risk reduction. * Partner with Threat Detection team to validate and improve logging, alerting, and response effectiveness. * Ensure offensive security activities are safely executed, well‑governed, and aligned with legal, regulatory, and operational constraints. * Lead third‑party penetration testing and red team vendor engagements as needed. * Develop reporting and metrics that clearly communicate exposure, attack paths, an
Applying for this Senior Manager, Offensive Security role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Pfizer?
Real rants from real employees. Read before you apply.