Manager, Cloud Security Developer Engineering
Job Description
ROLE SUMMARY
The Cloud and Network Security Services team represents the Digital Center of Excellence (CoE) for cloud infrastructure capabilities, providing foundational public and private cloud services to all business lines, globally across Pfizer. Cloud and Network Security Services is a high-performing team, focused on delivering secure, scalable, compliant, operationally viable, and cost-effective cloud solutions. Working within Digital Hosting Solutions is to be at the cutting edge of cloud technology within the context of the world’s leading biopharmaceutical organization, at a time when adoption of these technologies is increasing rapidly.
We are seeking a hands-on Engineering Manager with strong experience in CSPM tools, Infrastructure as Code (IaC) and/or Security as Code (SaC) patterns, and DevSecOps practices across multiple cloud providers (AWS, Azure, GCP). This role provides an exciting opportunity to lead a high-performing team, driving innovation in our public and private cloud services that support all Pfizer’s business lines, globally.
ROLE RESPONSIBILITIES
Pfizer Engineers must operate with the highest levels of integrity, as colleagues within DHS are often entrusted with the highest levels of access to development and production environments. The ability to protect confidential information, identify risks, mitigate non-compliance, and operate within defined policies & procedures is a must.
Lead a team of engineers in the design, development, and maintenance of cloud-native security solutions, using tools such as Terraform and Ansible, to manage and automate security controls within cloud infrastructure across multiple platforms (AWS, Azure, and GCP).
Lead the development and implementation of cloud security platforms, such as Wiz, drive integration of security tools and processes into the DevOps pipeline, and the creation of security-focused IaC patterns and templates.
Work closely with other teams in the Digital Center of Excellence (CoE) to promote a unified approach to security within the digital infrastructure.
Oversee the deployment, configurations and infrastructure of cloud security controls
Oversee the security posture of our AWS, AZURE and GPC environments, implementing best practice measures to protect company data and resources
Participate in the development of the security roadmap and communicate the cybersecurity vision to senior management and technical departments.
Drive the adoption of new technologies and methodologies to continuously improve our cloud infrastructure and application development processes.
Provide technical leadership, mentorship, and guidance to other team members, sharing knowledge and expertise on securing cloud infrastructure and SaC best practices.
Develop KPI and reporting to manage cloud project, security initiatives, security risks and remediations
BASIC QUALIFICATIONS
Applicant must have a Bachelor’s degree with five years of relevant experience; OR Master’s degree with three years of relevant experience; OR Associate's degree with eight years of relevant experience; OR Ph.D. with 0+ years of experience; OR 10 years of relevant experience with a high school diploma or equivalent
5+ years of experience developing and/or maintaining cloud security controls.
Proven hands-on technical leadership, with experience managing technical teams.
Strong knowledge of public and private cloud platforms (AWS, Azure, or Google Cloud).
Proficiency in at least one programming language, such as Python, Rego, GO, or Terraform
Knowledge and experience in Artificial intelligence security controls
Demonstrated experience with IaC tools (Terraform, CloudFormation, etc.) and DevOps methodologies.
Excellent problem-solving skills, strategic thinking, and strong business acumen.
Excellent communication skills, both written and verbal, with the ability to present complex technical information in a clear and concise manner.
Demonstrated ability to work in an agile work environment possessing qualities such as a collaborative mindset, adaptability to change, and a proactive problem-solving approach.
PREFERRED QUALIFICATIONS
Master's degree in Computer Science, Engineering, or a related field.
Certifications in AWS, Azure, or GCP, such as Solutions Architect, DevOps Engineer, or Cloud Engineer.
Experience with containerization and orchestration technologies, such as Docker and Kubernetes.
Familiarity with CI/CD tools and processes, such as Jenkins, GitLab CI, or GitHub Actions.
Knowledge of security best practices for cloud infrastructure and application development.
Understanding of regulatory compliance and security standards in the pharmaceutical industry.
Experience in the pharmaceutical or biotechnology industry.
Prior experience in leading or mentoring a team of software engineers.
NON-STANDARD WORK SCHEDULE, TRAVEL OR ENVIRONMENT REQUIREMENTS
Respond on short notice during normal working hours. Extended hours, weekends, and holidays may occasionally be required during critical events.
Limited travel may be required.
Other Job Details:
Last Date to Apply for Job: November 9, 2024
Additional Location Information: Collegeville, PA; Bothell, WA
Work Location Assignment:Hybrid. Must be able to work from assigned Pfizer office 2-3 days per week, or as needed by the business
Relocation assistance may be available based on business needs and/or eligibility.
Sunshine Act
Pfizer reports payments and other transfers of value to health care providers as required by federal and state transparency laws and implementing regulations. These laws and regulations require Pfizer to provide government agencies with information such as a health care provider’s name, address and the type of payments or other value received, generally for public disclosure. Subject to further legal review and statutory or regulatory clarification, which Pfizer intends to pursue, reimbursement of recruiting expenses for licensed physicians may constitute a reportable transfer of value under the federal transparency law commonly known as the Sunshine Act. Therefore, if you are a licensed physician who incurs recruiting expenses as a result of interviewing with Pfizer that we pay or reimburse, your name, address and the amount of payments made currently will be reported to the government. If you have questions regarding this matter, please do not hesitate to contact your Talent Acquisition representative.
EEO & Employment Eligibility
Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer. This position requires permanent work authorization in the United States.
Pfizer is committed to equal opportunity in the terms and conditions of employment for all employees and job applicants without regard to race, color, religion, sex, sexual orientation, age, gender identity or gender expression, national origin, disability or veteran status. Pfizer also complies with all applicable national, state and local laws governing nondiscrimination in employment as well as work authorization and employment eligibility verification requirements of the Immigration and Nationality Act and IRCA. Pfizer is an E-Verify employer.