Executive Director, I.T. - Head Of Security Architecture, Engineering, And Delivery

Head Of Security Architecture, Engineering, And Delivery

At Gilead, we're creating a healthier world for all people. For more than 35 years, we've tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world's biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.

Every member of Gilead's team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we're looking for the next wave of passionate and ambitious people ready to make a direct impact.

We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.

Gilead Sciences, Inc. is a research-based biopharmaceutical company founded in 1987. Together we deliver life-saving therapies to patients in need. With the commitment and drive you bring to the workplace every day, you will be part of a team that is changing the world and helping millions of people live healthier, more fulfilling lives. Our worldwide staff is a close community where you can see the tangible results of your contributions, where every individual matters, and everyone has a chance to enhance their skills through ongoing development. Our scientific focus has resulted in marketed products that are benefiting hundreds of thousands of people, a pipeline of late-stage drug candidates, and unmatched patient access programs to ensure medications are available to those who could otherwise not afford them. By joining Gilead, you will further our mission to address unmet medical needs and improve life by advancing the care of patients with life-threatening diseases.

This is a site based role in Foster City, CA at our global headquarters. Remote work is not available for this particular position. We do offer optional work from home days on Monday and Friday with core collaboration days in the office.

This position sits at the forefront of Gilead's digital and AI driven transformation, uniquely positioned to design and secure the next generation of research platforms and data environments that accelerate the development and delivery of life saving therapies. The Head of Security Architecture, Engineering, and Delivery combines deep expertise in security policy, regulatory compliance, technology strategy, and secure development practices with the ability to navigate ambiguity and influence senior stakeholders. Acting as a deputy for the CISO, this leader will represent security across the enterprise, shaping decisions that protect Gilead from evolving cyber threats and strengthening the resilience of the systems and data that patients and employees depend on.

The Head of Security Architecture, Engineering, and Delivery will be expected to demonstrate:

• Domain expertise: Expert level knowledge of Cyber Security capability areas, including Risk assessment and management, Identity and Access Management, Endpoint Security, Network Security, Platform Security, and application security. Able to function as a Deputy CISO.
• Strategic mindset with the ability to execute: Define and deliver against security strategy to protect Gilead, implements automation, and drives for operational efficiencies.
• Technology Strategy and Delivery: Position Security as a key requirement to support business operations and understand the value of scalable and efficient technical solutions that provide visibility to threats and allows the team the ability to quickly respond to and block threats with low operational overhead and technical debt.
• Business Partnership: Serve as a trusted advisor to leaders within Business functions and IT and supports their mission. Partner with senior IT Security leadership to create technology strategies that support the objectives of their functions. Understand the value drivers of the Business and ensures IT Security solutions consider the balance between Security and User experience.
• Financial Stewardship: Manage and contain project delivery costs and partner with the Security Operations lead to ensure ongoing cost is well understood and managed.
• Leadership: Proven ability to build, develop, and lead teams and rally organization around the vision.

Key responsibilities for this position include (but are not limited to):

• Manage team to develop, update & maintain information security standards and reference architecture.
• Lead and manage the Security Engineering team to deliver on Security capabilities.
• Lead and manage the Security Project Delivery team, including Program and Project managers, Business analysts, and technical delivery engineers.
• Lead and manage the Cyber Fusion Center operations, processes and be able to run the incident command and lead the incident investigations.
• Present the Security Investment portfolio to IT and business leaders and communicate the value of security investment.
• Lead and manage our Managed Service Provider solution delivery team to deliver on Security sustainment and investment projects.
• Support Merger & Acquisition related activities.
• Ensure IT activities, processes, and procedures meet defined requirements, policies and regulations.
• Work with Internal Audit, Project Managers, System Managers and Engineers - Track project findings, identify and resolve issues, analyze evidence, communicate with stakeholders, and facilitate the completion of cybersecurity related projects.
• Participate in other activities relating to information security or other functional areas as assigned.

Skills & Experience:

• Bachelor of Science degree in management information systems, computer science, engineering or another IT-related major is required.
• 16+ years of relevant experience or 14+ years within master's or PhD.
• 12+ years of cybersecurity professional experience, risk management, and governance practice.
• Information security related certifications such as CISSP, CRISC, CCSP, GIAC, etc.
• A minimum of 8-10 years of leadership responsibilities.
• Strong understanding of a wide variety of cybersecurity technologies relating to the following security domains: Audit and Monitoring, Risk Response & Recovery, SIEM, vulnerability management, Cryptography, Data Communications, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, cloud security, Multi-Factor Authentication, Passwordless Authentication, Digital Rights Management, PKI, Security for AI and AI for Security solutions.
• Strong understanding of NIST cyber security, and MITRE attack frameworks.
• Deep knowledge of IT Security and Privacy concepts and controls, and ability to develop security standards and guidelines based on best practices and industry standards.
• Able to lead teams through an incident from initial response, stakeholder communications and diagnosis to immediate and long-term remediation plans and activities.
• Knowledge of information security risk management frameworks and compliance practices.
• Knowledge of securing network technologies, client, and server operating systems.
• Strong knowledge of Secure Software Development Lifecycle (SDLC) processes and methodologies.
• Excellent interpersonal, communication, and presentation skills, including formal writing experience.
• Understanding of common security standards and healthcare related regulations and data privacy.
• Able to assess complex multi-location projects as well as identify and recommend appropriate corrective measures to resolve security and privacy related issues.
• Strong customer service orientation and the ability to project that attitude to customers in remote locations.
• Previous work experience in a Biopharma organization is a plus.
• Previous work experience in a cloud centric environment is a plus.
• Previous Deputy CISO or equivalent experience is a plus.

The salary range for this position is: $281,010.00 - $363,660.00. Gilead considers a variety of factors when determining base compensation, including experience, qualifications, and geographic location. These considerations mean actual compensation will vary. This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package. Benefits include company-sponsored medical, dental, vision, and life insurance plans.

Gilead Sciences Inc. is committed to providing equal employment opportunities to all employees and applicants for employment, and is dedicated to fostering an inclusive work environment comprised of diverse perspectives, backgrounds, and experiences. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, sex, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact ApplicantAccommodations@gilead.com for assistance.

Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity