Director, Privileged Access Services (PAM)

Why Patients Need You
Technology impacts everything we do. Pfizer's digital and 'data first' strategy focuses on implementing impactful and innovative technology solutions across all functions from research to manufacturing. Whether you are digitizing drug discovery and development, identifying solutions, or making our work easier and faster, you will be making a difference to countless lives.
What You Will Achieve
Pfizer's Global Information Security (GIS) organization delivers proactive cyber defense for the global enterprise . Our mission is to secure all of Pfizer's digital information assets ranging from our scientific breakthroughs to the manufacturing floor, and out to the patients we serve . We achieve this mission through a combination of world-class talent, top-tier technologies, industry leading best practices, and the promotion of a cybersecurity ownership culture across the company .
Strong identity and access controls are vital to the security and operational resilience of Pfizer. The Director, Privileged Access Services is accountable for the strategy, roadmap, technology, and operations of all privileged access technologies across Pfizer Digital. The leader will be responsible for driving innovation that reduces the risk to Pfizer by securing privileged accounts across numerous enterprise environments while also improving the user experience.
The primary responsibility is to strategize and leverage modern privileged access technologies to solve business requirements while future-proofing Pfizer's management of privileged accounts including end user accounts, machine to machine privileged access, API secrets and cloud controls while provid ing a customer-focused platform to easily use and leverage Pfizer's PAM services.
This role reports to the Senior Director , Identity & Access Management (IAM) and requires a balance of strategic thinking, strong communication and leadership skills and broad technical expertise across cloud, on-premises , and SaaS environments to drive innovative PAM solutions and practices.
How You Will Achieve It

• Strategic Oversight and Implementation: L ead the development of the PAM strategy and corresponding roadmaps considering the corporate strategy, industry security trends , and regulatory requirements. Establish a strategy and multi-year plan incorporating all parts of PAM: scan/discovery, remediation, lifecycle management, password rotation, password vaulting, just in time administration . Architect, design, develop and troubleshoot PAM solutions with the ability to provide technical and architectural design documentation, recommendations, specifications, use cases, requirements, and test cases. Create solutions that drive full automation, self-service, and resiliency . W ork to improve and track the maturity of the IAM PAM products and capabilities showing increased adoption and resiliency. Lead the design, integration, and operationalization of PAM solutions, ensuring seamless implementation across diverse business units and technologies. Act as the primary liaison between technical teams, business units, and strategic stakeholders to advance PAM services within the organization.
• Automation : Develop and implement strategies for automating the provisioning, deprovisioning, and review processes for privileged accounts. Leverage business, security, and risk requirements to enhance process efficiency and drive continuous improvement initiatives, focusing on automation and streamlining across disparate systems.
• Metrics and Reporting : Establish key performance indicators (KPIs) and metrics to assess the effectiveness and adoption of PAM systems. Regularly produce and present comprehensive reports to leadership, highlighting progress, challenges, and opportunities for improvement in privileged access management initiatives.
• Financial Leadership : Direct the financial planning and execution for PAM services, including capital investments, technology refresh cycles, business-funded initiatives, contractor management, and personnel compensation. Ensure alignment with budgetary constraints and strategic objectives .
• Organizational Leadership : Manage a team of direct reports and contract service providers. Develop and implement staffing strategies to ensure the team is well-equipped with the necessary skills and capacity . Promote a culture of innovation and continuous improvement, ensuring team members are qualified, trained, and aligned with organizational goals .
• Risk Management : Identify and assess privileged access related risks and vulnerabilities and develop strategies to mitigate these risks. Maintain a continuous review of privileged account hygiene and metrics behind stale and out of compliance accounts. Respond to security incidents related to privileged account compromise and lead investigations to determine root causes and remediation actions.

Qualifications
Must-Have

• Bachelor's degree in a relevant discipline.
• 10+ years of experience in IT/IAM/cybersecurity in a corporate environment.
• 5+ years of experience focused specifically on privileged access management (PAM) in organizations with greater than 10,000 users.
• Proven track record of leading teams, managing cross-functional projects, and interacting with senior stakeholders. Experience in managing both direct reports and external service providers.
• Extensive experience with PAM solutions and platforms such as CyberArk, BeyondTrust, or Thycotic, including their design, implementation, and operational management.
• Proficiency with related security technologies and practices, including Identity and Access Management (IAM), Multi-Factor Authentication (MFA), Single Sign-On (SSO), and threat detection.
• Strong background in integrating PAM solutions with diverse IT environments including Cloud, On-Premises, IaaS, and SaaS platforms (Azure, AWS).
• Experience with Agile methodologies and corresponding Agile based tools. Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.
• Experience in utilizing automation tools and scripting languages (e.g., PowerShell, Python) to streamline privileged access processes and improve operational efficiency.
• In-depth understanding of regulatory requirements and industry standards related to data protection and privacy, including GDPR, CCPA, HIPAA, and SOX.
• Proven experience in developing, implementing, and enforcing security policies and procedures to ensure compliance with applicable laws and regulations.
• Demonstrated ability to develop and execute strategic plans for privileged access management that align with organizational goals and industry best practices.
• Excellent verbal and written communication skills, with the ability to effectively present complex technical concepts to non-technical stakeholders and senior management.
• Strong analytical and problem-solving skills, with a proactive approach to identifying and addressing security risks and operational challenges.
• Ability to work collaboratively across various departments and teams, fostering a culture of security awareness and continuous improvement.

Nice-to-Have

• Professional certifications such as CISSP, CISM, CIAM, or certifications in PAM tools (e.g. CyberArk Certified Delivery Engineer) are highly desirable.

Non-Standard Work Schedule, Travel, or Environment Requirements

• Periodic international and domestic travel required (less than 5%)

Supervision

• Oversight of 3+ individual contributor colleagues plus contingent workers.
• Candidate demonstrates a breadth of diverse leadership experiences and capabilities including: the ability to influence and collaborate with peers, develop and coach others, oversee and guide the work of other colleagues to achieve meaningful outcomes and create business impact.

Other Job Details:

• Last Day to Apply: September 20, 2024
• Work Location Assignment: Flexible

The annual base salary for this position ranges from $161,600.00 to $269,400.00.* In addition, this position is eligible for participation in Pfizer's Global Performance Plan with a bonus target of 20.0% of the base salary and eligibility to participate in our share based long term incentive program. We offer comprehensive and generous benefits and programs to help our colleagues lead healthy lives and to support each of life's moments. Benefits offered include a 401(k) plan with Pfizer Matching Contributions and an additional Pfizer Retirement Savings Contribution, paid vacation, holiday and personal days, paid caregiver/parental and medical leave, and health benefits to include medical, prescription drug, dental and vision coverage. Learn more at Pfizer Candidate Site - U.S. Benefits | (uscandidates.mypfizerbenefits.com). Pfizer compensation structures and benefit packages are aligned based on the location of hire. The United States salary range provided does not apply to Tampa, FL or any location outside of the United States.
* The annual base salary for this position in Tampa, FL ranges from $145,400.00 to $242,400.00.
Relocation assistance may be available based on business needs and/or eligibility.
Sunshine Act
Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider's name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.
EEO & Employment Eligibility
Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer. This position requires permanent work authorization in the United States.
Information & Business Tech
#LI-PFE