Senior Associate, Cloud Security Engineer

ROLE SUMMARY

The Cloud and Network Security Services team represents the Digital Center of Excellence (CoE) for cloud infrastructure capabilities, providing foundational public and private cloud services to all business lines, globally across Pfizer. Cloud and Network Security Services is a high-performing team, focused on delivering secure, scalable, compliant, operationally viable, and cost-effective cloud solutions. Working within Cloud and Network Security Services is to be at the cutting edge of cloud technology within the context of the world’s leading biopharmaceutical organization, at a time when adoption of these technologies is increasing rapidly.

As a Senior Associate, Security Engineer, you will play a pivotal role in safeguarding Pfizer’s systems and data. Your deep expertise in cybersecurity will be instrumental in identifying potential vulnerabilities, developing robust security protocols, and responding to security incidents. You will work closely with various teams to integrate security measures into our technology infrastructure and promote a culture of security awareness across the organization. Your role will involve staying abreast of the latest cybersecurity threats and trends, ensuring our security strategies and practices are up-to-date and effective. Your leadership and technical skills will be crucial in strengthening our security posture and protecting our organization from cyber threats.

ROLE RESPONSIBILITIES

Pfizer Engineers must operate with the highest levels of integrity, as colleagues within Cloud and Network Security Services are often entrusted with the highest levels of access to development and production environments. The ability to protect confidential information, identify risks, mitigate non-compliance, and operate within defined policies & procedures is a must.

• Security Protocols Development: Develop and implement robust security protocols to protect the organization's systems and data from potential threats.
• Vulnerability Assessment: Conduct regular vulnerability assessments and penetration testing to identify potential weaknesses and implement necessary security measures.
• Incident Response: Respond to security incidents promptly, mitigating risks and conducting thorough post-incident analysis to prevent future occurrences.
• Security Integration: Collaborate with various teams to integrate security measures into the technology infrastructure, ensuring security is considered at all stages of development and deployment.
• Security Awareness: Promote a culture of security awareness across the organization, providing training and guidance to staff on best practices in cybersecurity.
• Threat Intelligence: Stay abreast of the latest cybersecurity threats and trends, ensuring the organization's security strategies and practices are up-to-date and effective.
• Compliance: Ensure compliance with relevant security standards and regulatory requirements, conducting regular audits and making necessary adjustments to security protocols.

BASIC QUALIFICATIONS

• Bachelor’s degree in computer science, Engineering, a related field or equivalent experience.
• 3+ years’ experience developing and/or maintaining cloud security controls.
• Knowledge of public and private cloud platforms (AWS, Azure, or Google Cloud).
• Knowledge and experience in Artificial intelligence security controls
• Experience in develop native cloud security controls such as Azure policy definitions, AWS service control Policy
• Proficiency in at least one programming language, such as Python, Java, or Go.
• Experience in Cloud Security Products such as Wiz, AWS Security Hub and Azure Defender .
• Excellent problem-solving skills, strategic thinking, and strong business acumen.
• Excellent communication skills, both written and verbal, with the ability to present complex technical information in a clear and concise manner.
• Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.

PREFERRED QUALIFICATIONS

• Certifications in cybersecurity, such as Certified Information Systems Security Professional (CISSP) or Cloud Specific Certifications (i.e AWS cloud practitioner, Azure AZ-900
• Experience with cloud security and understanding of relevant technologies and practices.
• Familiarity with regulatory standards such as GDPR, ISO 27001, or HIPAA.
• Experience in a leadership role, with the ability to guide and mentor junior security engineers.
• Demonstrated ability to stay current with the latest developments in cybersecurity threats and trends.
• Experience with security in DevOpsand Agile environments.

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

Respond on short notice during normal working hours. Extended hours, weekends, and holidays may occasionally be required during critical events.

Limited travel may be required.

 
Work Location Assignment: Hybrid

Make a difference today! All suitable candidates should apply through the link with CV provided. We are looking forward to hearing from you!

In order to be considered for this position you need to be legally eligible to work in the EU.

Pfizer is an equal opportunity employer and complies with all applicable equal employment opportunity legislation in each jurisdiction in which it operates.

Due to the high volume of applications we will be contacting successful candidates only.