Pfizer
Cybersecurity
Sr.Manager,InformationProtection
Neural analysis suggests this role is
optimal for Senior candidates.
“Sr. Manager, Information Protection at Pfizer. Skills: Information Protection, Data Protection, Global Data Protection, Privacy Regulations, Risk Management, Compliance, GRC Platforms. Define, maintain, and evolve Pfizer’s enterprise information protection policies, standards, control objectives, and oversight mechanisms.. Lead the Cyber GRC information protection program across regions.”
What You'll Achieve.
Ensuring risk-based decision-making is used; Security, privacy, and regulatory compliance is integrated seamlessly with Pfizer’s organization.; Establishing, governing, and operationalizing Pfizer’s enterprise data protection program.; Ensuring sensitive data is identified, classified, protected, and governed in alignment with regional and global privacy regulations, internal security policies, and enterprise risk management expectations.; Providing global oversight of data protection governance, policy, risk assessment, and control assurance across structured and unstructured data environments.; Embedding consistent information protection requirements into technology platforms, business processes, and enterprise risk decisions.; Enabling risk‑based decisions and protects sensitive, regulated data worldwide.; Ensuring risks related to sensitive, regulated, and critical data are identified, assessed, prioritized, and tracked.; Defining and reporting global and regional information protection risk metrics, enabling leadership visibility into enterprise-wide risk posture.; Supporting regulatory inquiries, audits, and assessments across jurisdictions by providing information protection governance evidence and risk posture insights.
Industry & Context.
Analytical, strategic thinking, and problem‑solving skills; Demonstrated ability to assess risk posture; Deeply analytical; Fact-based decision-making
Travel as required by the business (less than 5% domestic and/or international), CV in English
What They're Looking For.
Must Have
Bachelor's degree in information security, Information Technology, Cybersecurity, or related field., 7+ years of experience in information security, risk, compliance, information protection, or related disciplines., Demonstrated experience operating within regulated industries, with an understanding of regulatory expectations, audit requirements, and compliance obligations related to information protection, security controls, and risk management., Practical knowledge of information protection concepts and controls, including data classification/labeling, access governance principles, secure data handling, audit evidence, and incident coordination., Deep understanding of global data protection/privacy regulations (e. g. , CCPA, GDPR, NIS2, etc. ) and their application within large enterprises., Excellent verbal and written communication skills, with the ability to clearly articulate complex technical and risk‑based concepts to a wide range of audiences., analytical, strategic thinking, and problem‑solving skills, with demonstrated ability to assess risk posture., Proficiency with GRC platforms and data governance or risk reporting tools (e. g. , Archer, Purview, or similar).
Nice to Have
Professional certifications in privacy, data protection, or information security, (e. g. , Certified Information Privacy Manager (CIPM), Certified Information Privacy Professional (CIPP/E or equivalent), or an academic equivalent)., Excellent strategic thinking., Deeply analytical and credible., Fact-based decision-making., Deep understanding of data security objectives, governance models, and risk management considerations for complex enterprises operating in regulated industries., Experience supporting enterprise data classification, data lifecycle, or information governance programs., executive communication and presentation skills., Experience leading globally distributed teams or matrixed resources.
What You'll Do.
and evolve Pfizer’s enterprise information protection policies
and oversight mechanisms.
Lead the Cyber GRC information protection program across regions.
Establish and oversee information protection control requirements aligned to global and regional privacy regulations.
and business teams to embed information protection requirements into technology platforms
and business processes.
Drive information protection control assurance activities globally.
Define and report global and regional information protection risk metrics.
Support regulatory inquiries
and assessments across jurisdictions.
and mentor a globally distributed team of information protection and GRC professionals.
Influence enterprise initiatives by providing risk-based assessments of new technologies
digital transformation
and data-driven business models.
How You'll Work.
Team & Collaboration
Partner closely with Privacy, Legal, Compliance, Digital, Infrastructure, and Business stakeholders.; Lead, coach, and mentor a globally distributed team of information protection and GRC professionals, fostering a culture of collaboration and continuous improvement.
Communication Scope
Excellent verbal and written communication skills; Ability to clearly articulate complex technical and risk‑based concepts to a wide range of audiences; Executive communication and presentation skills
Full Job Description
## **ROLE SUMMARY** Our Global Cybersecurity Governance, Risk, and Compliance team provides comprehensive blueprints for cybersecurity excellence by embedding governance, risk management, and compliance into every layer. The team is responsible for ensuring risk-based decision-making is used and that security, privacy, and regulatory compliance is integrated seamlessly with Pfizer’s organization. We are seeking an experienced Senior Manager, Data Protection to serve in a strategic leadership role within the Cyber GRC organization, responsible for establishing, governing, and operationalizing Pfizer’s enterprise data protection program across a global footprint spanning the United States, Europe, and Asia. This role ensures that sensitive data is identified, classified, protected, and governed in alignment with regional and global privacy regulations, internal security policies, and enterprise risk management expectations. The Senior Manager, Data Protection provides global oversight of data protection governance, policy, risk assessment, and control assurance across structured and unstructured data environments. Working across regions and time zones, this role partners closely with Privacy, Legal, Compliance, Digital, Infrastructure, and Business stakeholders to embed consistent information protection requirements into technology platforms, business processes, and enterprise risk decisions. Through scalable governance, measurable controls, and clear accountability, this role enables risk‑based decisions and protects sensitive, regulated data worldwide. ## **ROLE RESPONSIBILITIES** * Define, maintain, and evolve Pfizer’s enterprise information protection policies, standards, control objectives, and oversight mechanisms, ensuring consistent application across the United States, Europe, and Asia. * Lead the Cyber GRC information protection program across regions, ensuring risks related to sensitive, regulated, and critical data are identified, assessed, prioritized, an
Applying for this Sr. Manager, Information Protection role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about Pfizer?
Real rants from real employees. Read before you apply.