Role Summary
Our Cyber Defense team is the frontline of Pfizer’s cybersecurity operations, responsible for detecting, investigating, and responding to threats that could impact the confidentiality, integrity, and availability of our systems and data. This team leads critical functions including Security Operations Center (SOC) monitoring, incident response, digital forensics, penetration testing, threat intelligence, host security, platform support, and security automation. We are seeking an experienced leader to oversee enterprise-wide cybersecurity programs across these domains, ensuring coordination, rapid threat mitigation, and alignment with Pfizer’s cybersecurity strategy and regulatory obligations.
Responsibilities
- Define and execute the enterprise-wide strategy for cyber defense, aligning with Pfizer’s cybersecurity vision and business objectives.
- Develop and manage the Cyber Defense budget, ensuring alignment with organizational goals and effective allocation of resources. Monitor expenditures, forecast future budget needs, and identify opportunities for cost optimization.
- Serve as a key advisor to the CISO and senior leadership on threat trends, operational readiness, and incident response posture.
- Lead the transformation of legacy cybersecurity systems and drive the implementation of modern security practices across the organization.
- Oversee the 24/7 Security Operations Center (SOC) to ensure effective monitoring, alert triage, and incident response.
- Lead the global incident response program, ensuring rapid containment, investigation, and recovery from cyber incidents.
- Continuously enhance detection capabilities through automation, threat intelligence integration, and process improvements.
- Direct the threat intelligence program to provide actionable insights that inform detection, response, and risk mitigation strategies.
- Manage penetration testing and red teaming activities to proactively identify and remediate vulnerabilities across systems and applications.
- Manage data protection initiatives to ensure the confidentiality, integrity, and availability of sensitive information across the organization.
- Lead and develop high-performing teams across Security Operations, Incident Response, Threat Intelligence, and related domains.
Qualifications
- Required: Bachelor’s degree with 15+ years of experience in cybersecurity, security operations, or related fields.
- Required: At least 8 years of direct leadership experience managing enterprise-wide security operations, incident response, and threat management functions.
- Required: Professional certifications such as CISSP, CISM, or GIAC.
- Preferred: Additional certifications in incident response or forensics (e.g., GCIH, GCFA) strongly preferred.
- Required: Strong background in security operations, incident response, and threat intelligence, with experience in regulatory frameworks and standards.
- Required: Deep knowledge of cybersecurity frameworks (NIST CSF, ISO 27001) and best practices for incident response and threat management.
- Required: Strong leadership, communication, and presentation skills, with the ability to translate complex security concepts into business-focused insights for senior executives.
- Preferred: Extensive understanding of the CrowdStrike suite, including its capabilities for SIEM, EDR, and threat intelligence.
- Preferred: Proven track record of leading cross-functional teams and driving strategic cybersecurity initiatives within a large, complex organization.
Additional Requirements
- Location: New York, NY
- Periodic international and domestic travel may be required (less than 5%).
- Work Location Assignment: Must be able to work in the assigned office 2-3 days per week, or as needed by the business.
- This role is NOT remote.