Pfizer
pharmaceutical
SeniorManager,OffensiveSecurity
Neural analysis suggests this role is
optimal for Senior candidates.
“Senior Manager, Offensive Security at Pfizer. Skills: Offensive security, Penetration testing, Red teaming, Adversary simulation, Cloud security, Network security, Application security. Lead the offensive security capability, including strategy, roadmap, and execution of enterprise penetration testing, red teaming, and adversary simulation activities. Plan and oversee offensive testing across applications, cloud platforms, networks, and endpoints to identify exploitable weaknesses and control ga”
What You'll Achieve.
Proactively identify, validate, and prioritize security weaknesses across the digital environment; Translate offensive findings into measurable risk reduction and improved defensive outcomes; Drive effective risk reduction; Improve logging, alerting, and response effectiveness
Industry & Context.
Proactive problem-solving approach
What They're Looking For.
Must Have
7+ years of experience in cybersecurity, with significant hands-on experience in offensive security, penetration testing, or red team operations, Red team and adversary emulation methodologies (MITRE ATT&CK–aligned), Application, cloud, network, and identity penetration testing, Social engineering and phishing simulations (where appropriate), Tooling and frameworks commonly used in offensive security, Solid understanding of modern enterprise environments (cloud, SaaS, hybrid), Proven ability to communicate complex technical findings to both technical and executive audiences, Experience in leadership and mentoring, Experience operating in highly regulated, global environments, Demonstrated experience in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach
Nice to Have
Experience in pharmaceutical, biotech, life sciences, or similarly regulated industries, Experience with cloud-native red teaming (AWS, Azure, GCP) and identity-centric attack paths, Familiarity with detection engineering, SIEM/SOAR, and threat intelligence workflows, OSCP, OSEP, CRTO, CISSP, GIAC, or similar offensive security‑focused credentials
What You'll Do.
Lead the offensive security capability
and execution of enterprise penetration testing
and adversary simulation activities
Plan and oversee offensive testing across applications
and endpoints to identify exploitable weaknesses and control gaps
Design and execute threat‑informed testing scenarios aligned to real‑world adversary tactics
Partner with Threat Detection
Vulnerability Management
and Remediation teams to validate findings
and drive effective risk reduction
Partner with Threat Detection team to validate and improve logging
and response effectiveness
Ensure offensive security activities are safely executed
and aligned with legal
and operational constraints
Lead third‑party penetration testing and red team vendor engagements as needed
Develop reporting and metrics that clearly communicate exposure
and defensive effectiveness to Cyber Defense leadership
Continuously evolve offensive security techniques
and methodologies to reflect the changing threat landscape
Stay current on emerging attacker techniques
and threat actor behaviors relevant to pharma and life sciences
How You'll Work.
Team & Collaboration
Partner closely with detection, remediation, engineering, and risk teams to translate offensive findings into measurable risk reduction and improved defensive outcomes; Partner with Threat Detection, Vulnerability Management, and Remediation teams to validate findings, prioritize exposures, and drive effective risk reduction; Partner with Threat Detection team to validate and improve logging, alerting, and response effectiveness
Communication Scope
Proven ability to communicate complex technical findings to both technical and executive audiences; Ability to clearly articulate technical risk, attack feasibility, and business impact to senior technical and non-technical stakeholders
Process & Methodology
Strategy, Roadmap, Execution
Full Job Description
## **ROLE SUMMARY** Our Global Cyber Defense team is responsible for safeguarding Pfizer’s digital assets and infrastructure through proactive threat detection, response, and risk mitigation across on-premises, cloud, and hybrid environments. The **Senior Manager, Offensive Security** is responsible for leading enterprise offensive security capabilities that proactively identify, validate, and prioritize security weaknesses across the digital environment. Reporting to the Director of Threat & Exposure Management, this role oversees activities such as penetration testing, red and purple team exercises, and adversary simulation to continuously assess the organization’s exposure to real‑world threats. Operating within a highly regulated pharmaceutical environment, the role partners closely with detection, remediation, engineering, and risk teams to translate offensive findings into measurable risk reduction and improved defensive outcomes. ## **ROLE RESPONSIBILITIES** * Lead the offensive security capability, including strategy, roadmap, and execution of enterprise penetration testing, red teaming, and adversary simulation activities. * Plan and oversee offensive testing across applications, cloud platforms, networks, and endpoints to identify exploitable weaknesses and control gaps. * Design and execute threat‑informed testing scenarios aligned to real‑world adversary tactics, techniques, and procedures. * Partner with Threat Detection, Vulnerability Management, and Remediation teams to validate findings, prioritize exposures, and drive effective risk reduction. * Partner with Threat Detection team to validate and improve logging, alerting, and response effectiveness. * Ensure offensive security activities are safely executed, well‑governed, and aligned with legal, regulatory, and operational constraints. * Lead third‑party penetration testing and red team vendor engagements as needed. * Develop reporting and metrics that clearly communicate exposure, attack paths, an
Applying for this Senior Manager, Offensive Security role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Pfizer?
Real rants from real employees. Read before you apply.