ROLE SUMMARY

Our Global Cybersecurity Governance, Risk, and Compliance team provides comprehensive blueprints for cybersecurity excellence by embedding governance, risk management, and compliance into every layer. The team is responsible for ensuring risk-based decision-making is used and that security, privacy, and regulatory compliance is integrated seamlessly with Pfizer's organization.

We are seeking an experienced Director of GRC Technology and Metrics to lead and advance the organization's cybersecurity governance, risk, and compliance technology ecosystem. The ideal candidate will be responsible for overseeing and optimizing GRC platforms, automation capabilities, and digital enablement strategies that support cybersecurity, data protection, and regulatory compliance across a highly regulated environment. This role will provide strategic leadership in modernizing tooling, improving control monitoring capabilities, and enabling consistent, data-driven risk management across the enterprise.

This role partners broadly across business units and technology functions to understand requirements, evaluate risks, and ensure GRC technology solutions align with internal policies and global regulatory expectations. The Director, GRC Technology and Metrics will champion platform adoption, deliver scalable and integrated capabilities, and guide senior leaders in leveraging GRC technologies to enhance transparency, strengthen assurance, and support informed decision-making.

ROLE RESPONSIBILITIES

• Lead the enterprise GRC technology and metrics program, ensuring scalable, integrated platforms that support risk, compliance, and cybersecurity objectives.
• Establish and maintain technology-driven processes, workflows, and automation capabilities that strengthen GRC frameworks and regulatory alignment.
• Drive consistent, data-driven risk decision making by enabling enterprise controls, automated monitoring, and enhanced reporting across business and technology functions.
• Partner with senior leaders across R&D, Manufacturing, Commercial, Digital, and Corporate functions to understand requirements and deliver GRC technology solutions that support strategic risk mitigation.
• Advise executives and stakeholders on GRC technology capabilities, platform insights, emerging technology risks, and opportunities for automation and optimization.
• Oversee GRC platforms and integrations to ensure cybersecurity, data protection, and compliance requirements are operationalized efficiently and sustainably.
• Champion a culture of technology-enabled accountability, transparency, and continuous improvement across all GRC processes.
• Align GRC technology solutions with global regulations, industry frameworks, and pharmaceutical expectations to support GxP system oversight, data integrity, and patient safety.
• Evaluate the effectiveness of GRC technology programs, measuring platform performance, adoption, and control assurance to inform leadership decisions.
• Collaborate with cross-functional technology and business teams to enhance GRC capability maturity, drive platform adoption, and strengthen organizational resilience through effective enablement.

BASIC QUALIFICATIONS

• Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field
• 8+ years of progressive experience in cybersecurity, governance, risk management, or compliance roles
• 5+ years of leadership experience overseeing technology-enabled GRC, automation, or platform-driven risk and compliance programs at scale
• Hands-on experience implementing or managing enterprise GRC platforms, such as Archer, or equivalent
• AI enablement and integration experience, especially with GRC platforms
• Experience designing automated workflows, integrations, and control monitoring across complex IT and business environments
• Strong understanding of cybersecurity frameworks (NIST CSF, ISO 27001) and how they translate into GRC tooling
• Prior experience modernizing GRC capabilities through digitization, automation, analytics, and continuous control monitoring
• Background working in highly regulated industries, preferably pharmaceutical, life sciences, healthcare, or manufacturing
• Proven ability to influence and collaborate with senior leaders, architects, engineering teams, and cross-functional business partners
• Experience managing large-scale technology enablement programs, including platform roadmaps, governance models, and enterprise adoption
• Strong data and analytics mindset, with experience leveraging dashboards and reporting to drive insights and decision making
• API integration experience

PREFERRED QUALIFICATIONS

• Professional certifications: CISSP, CISM, CRISC or similar
• Experience using GRC tools (e.g., Archer) and other automations (AI, analytics, etc)
• Excellent strategic thinking
• Deeply analytical and credible
• Fact-based decision-making grounded in metrics, dashboards, and platform insights
• Ability to challenge, influence, and support senior leadership
• Excellent communication and presentation skills
• Ability to bring structure to ambiguous technology and process problems
• Resourceful, self-motivated, and proactive - strong drive for excellence

PHYSICAL/MENTAL REQUIREMENTS

• No special physical requirements.
• Applicants should be capable of working through a personal laptop computer or mobile device for extended periods.

Candidate demonstrates a breadth of diverse leadership experiences and capabilities including: the ability to influence and collaborate with peers, develop and coach others, oversee and guide the work of other colleagues to achieve meaningful outcomes and create business impact.

NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS

15% travel

Work Location Assignment: Hybrid

Last Date to Apply for Job: 6/29/2026

The annual base salary for this position ranges from $176,600.00 to $294,300.00. In addition, this position is eligible for participation in Pfizer's Global Performance Plan with a bonus target of 20.0% of the base salary and eligibility to participate in our share based long term incentive program. We offer comprehensive and generous benefits and programs to help our colleagues lead healthy lives and to support each of life's moments. Benefits offered include a 401(k) plan with Pfizer Matching Contributions and an additional Pfizer Retirement Savings Contribution, paid vacation, holiday and personal days, paid caregiver/parental and medical leave, and health benefits to include medical, prescription drug, dental and vision coverage. Learn more at Pfizer Candidate Site - U.S. Benefits | (uscandidates.mypfizerbenefits.com). Pfizer compensation structures and benefit packages are aligned based on the location of hire. The United States salary range provided does not apply to Tampa, FL or any location outside of the United States.
Relocation assistance may be available based on business needs and/or eligibility.

Candidates must be authorized to be employed in the U.S. by any employer.

U.S. work visa sponsorship (such as TN, O-1, H-1B, etc.) is not available for this role now or in the future.

Sunshine Act

Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.

EEO & Employment Eligibility

Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer. This position requires permanent work authorization in the United States.

Pfizer endeavors to make www.pfizer.com/careers accessible to all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process and/or interviewing, please email [email protected]. This is to be used solely for accommodation requests with respect to the accessibility of our website, online application process and/or interviewing. Requests for any other reason will not be returned.

To learn more about acceptable and prohibited uses of AI during the recruitment process, please review our candidate AI-use guidelines available on Pfizer Careers.
Information & Business Tech