Director, Cyber Governance Risk and Compliance ACD Deal Lead
New York City
Wednesday, 10 June 2026
Our Global Cybersecurity Governance, Risk, and Compliance (GRC) team defines the blueprint for cybersecurity excellence by embedding governance, risk management, and compliance into every layer of the organization. The team enables consistent, risk-based decision-making and ensures that security, privacy, and regulatory requirements are seamlessly integrated across Pfizer’s global operations.

We are seeking an experienced Director to serve in a strategic leadership role within the Security GRC organization, acting as the primary security representative for mergers, acquisitions, and divestitures. This role is accountable for ensuring security risk identification, regulatory alignment, and secure integration across the full transaction lifecycle—from diligence through post-close execution—while enabling business agility and growth. The Director will partner closely with global stakeholders, including Digital, Legal, Privacy, Finance, and the Digital ACD PMO, to ensure M&A Digital and Technology services are forecasted, planned, designed, deployed, operated, and supported in a manner that meets IT general controls, cybersecurity standards, and regulatory requirements.

ROLE RESPONSIBILITIES
- Serve as a cybersecurity and technology risk advisor to Digital & Technology and business integration stakeholders, enabling informed decisions aligned to enterprise risk appetite and regulatory expectations.
- Embed security-by-design and compliant-by-design principles into the ACD operating model across strategy, solution delivery, operations, and lifecycle management.
- Translate cybersecurity strategy, policies, and control requirements into practical, business-aligned guidance that supports agile and product-centric delivery.
- Identify, assess, and manage information security and technology risks with Digital & Technology leaders, ensuring risks are mitigated, accepted, or escalated with clear ownership.
- Provide independent risk insight and control assurance for Digital & Technology services and solutions.
- Partner with CISO, Privacy, Legal, Compliance, and Audit teams to support audit readiness, regulatory inspections, and remediation execution.
- Monitor risk posture and control effectiveness using KPIs/KRIs, driving targeted remediation and continuous improvement initiatives.
- Promote a strong culture of security, accountability, and risk ownership across cross-functional and matrixed teams.
- Simplify risk and compliance processes to enable secure delivery at speed, improving standardization and reuse of proven patterns and playbooks.
- Support delivery of CISO Infrastructure & Cloud services across ACD transactions, providing backup coverage across all phases (pre-close, Day 1, steady state, exit), shaping secure and scalable solutions, and translating transaction requirements into repeatable delivery patterns with CISO service owners.
- Enable execution excellence and operational rigor, including risk, dependency, and issue management across matrixed teams, continuous improvement of ACD operating models and playbooks, and support for financial, vendor, and resource governance under the execution lead.

BASIC QUALIFICATIONS
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or related field.
- 8 years of progressive experience in cybersecurity, governance, risk management, or compliance roles.
- 5 years of experience in an M&A setting supporting cybersecurity governance, policy, or risk management programs at scale.
- Experience in a highly matrixed organization to support and drive strategic initiatives.
- Excellent communication skills, capable of succinctly defining the problem and delivering options for addressing potential compliance gaps.
- Experience implementing controls aligned to the principles and concepts of regulatory compliance and of pharmaceutical regulations.
- Excellent in-depth understanding and working experience with compliance guidelines and regulations such as SOX, FDA GxP regulations, and domestic/international privacy laws (i.e. PCI DSS, MA 201, Safe Harbor, etc.).
- Excellent stakeholder management skills and organizational skills.
- Ability to work independently and manage multiple priorities.

PREFERRED QUALIFICATIONS
- Professional certifications: CISSP, CISM, CRISC or similar.
- Excellent strategic thinking.
- Deeply analytical and credible.
- Fact-based decision-making.