Gilead Sciences is a biopharmaceutical company that discovers, develops and commercializes innovative therapeutics in areas of unmet medical need. The company's mission is to advance the care of patients suffering from life-threatening diseases worldwide. Headquartered in Foster City, California, Gilead has operations in North, South and Central America, Europe, Africa, Asia and Australia. Gilead makes it a priority to increase access to its medicines for people who can benefit from them, regard... more details
For Current Gilead Employees and Contractors:
Please log onto your Internal Career Site to apply for this job.
At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.
Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact.
We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.
Job Description
Gilead Sciences is a biopharmaceutical company that discovers, develops and commercializes innovative therapeutics in areas of unmet medical need. The company's mission is to advance the care of patients suffering from life-threatening diseases worldwide. Headquartered in Foster City, California, Gilead has operations in North, South and Central America, Europe, Africa, Asia and Australia. Gilead makes it a priority to increase access to its medicines for people who can benefit from them, regardless of where they live or their economic status.
Specific Responsibilities & Skills
The Senior Director IT – Security Engineering will report directly to the Executive Director IT - Head of Security Architecture, Engineering, and Delivery and will manage, supervise, and govern the Security Engineering and Cyber Fusion Center teams responsible for delivering and enhancing security solutions and capabilities to protect Gilead from growing cyber threats. This position is a key member of the Security Risk and Compliance (SRC) team and will work closely with various IT teams (e.g.: Security Operations, Security Architecture, Data Privacy, Risk, Data Privacy, QA, IT Infrastructure, Network, and Business IT). They will provide expertise on Information Security engineering policies and standards, technology solutions, security and regulatory compliance, project management, managed services management, and SDLC. The person in this position will be required to understand all information security domains, interpret, and communicate information security requirements as defined by company policy. This position requires the person to work with ambiguous requirements and be able to work through them to help the business while keeping the risk to the organization at an acceptable level, delivering security engineering solutions and projects on time and on budget.
The Senior Director IT – Security Engineering should have skills that include:
Domain Expertise: Expert level knowledge of Cyber Security Engineering capability areas, including Endpoint Security; Network Security; Platform Security; Cloud Security; IoT/OT security; Security and Information Event Management (SIEM); Security Orchestration, Automation and Response (SOAR); Email Security; Mobile Security; Vulnerability Management; Cryptography and Certificate Management; Database and Data Security; Web Security, and Application Security. In addition, expert level knowledge of Cyber Fusion Center technologies, processes, and management areas, including Red, Blue, and Purple teaming, Insider Threat Management, Threat Intelligence Management, and Security Incident Management is required.
Strategic mindset with the ability to execute - Defines and delivers against security strategy to protect Gilead, implements automation, and drives for operational efficiencies.
Delivers on Technology Strategy - Sees security engineering and design and project delivery as a key requirement to support business operations and understands the value of scalable and efficient technical solutions that provide visibility to threats, allows team the ability to quickly respond to and block threats, with low operational overhead and technical debt.
Business Partnership - Serves as a trusted advisor to leaders within Business functions, IT and Kite TechOps, and supports their mission. Partners with senior SRC, Employee Experience, Kite TechOps leadership to create security engineering technology strategies that support the objectives of their functions. Understands the value drivers of the Business and ensures IT Security solutions consider the balance between Security and User experience. Strong ability to partner with Managed Service providers and manage them to agree upon outcomes.
Financial Stewardship: Plays a thorough role in managing and containing Security Engineering Project delivery costs, along with partnering with the Security Operations and Security Architecture leads to ensure ongoing cost is well understood and managed.
Leadership: Proven ability to build, develop, and lead teams and rally organization staff around the strategic visions and tactical approaches to their implementation.
ESSENTIAL JOB FUNCTIONS:
General responsibilities for this position will include (but are not limited to) the following:
Manage team to develop, update & maintain Information Security Engineering and Cyber Fusion Center standards and reference architecture.
Lead and manage the Security Engineering team to deliver on Security capabilities.
Lead and manage the Cyber Fusion Center and Cybersecurity Incident Response
Present the Security Engineering and Cyber Fusion Center Investment portfolio to SRC and IT leaders and communicate the value of the security investment.
Lead and manage our Managed Service Provider solution delivery teams to deliver on Security Engineering and Cyber Fusion Center sustainment and investment projects.
Partner with Security Architecture and Security Operations, including supporting the design and delivery needs of Identity and Access Management
Partner with Security Operations team to ensure Security tools are optimized and ensure SecOps team have proper knowledge transfer and documentation to support new Security tools.
Support Security Engineering needs of Merger & Acquisition related activities
Ensure Security Engineering and Cyber Fusion Center activities, processes, and procedures meet defined requirements, policies, and regulations.
Work with Internal Audit, Project Managers, System Managers and Engineers - Track project findings, identify and resolve issues, analyze evidence, communicate with stakeholders, and facilitate the completion of related projects with security engineering design or architecture needs.
Participate in other activities relating to information security or other functional areas as assigned.
BASIC QUALIFICATIONS:
18+ years’ relevant experience with High School Diploma or equivalent
16+ years’ relevant experience with AA
14+ years’ relevant experience with BS / BA
12+ years’ relevant experience with MS / MA / MBA
Computer Science or related discipline is preferred.
Information security related certifications such as CISSP, CRISC, CCSP, GIAC, etc.
PREFERRED QUALIFICATIONS:
Strong understanding of a wide variety of cybersecurity technologies relating to the following security domains: Audit and Monitoring, Risk Response & Recovery, SIEM, Vulnerability Management, Cryptography, Data Communications, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, Cloud Security, Multi-Factor Authentication, Passwordless Authentication, Digital Rights Management, and PKI.
Strong understanding of NIST cyber security framework, and MITRE attack matrix
Strong knowledge of IT Security and Privacy concepts and controls
Knowledge of information security risk management frameworks and compliance practices
Knowledge of securing network technologies, client, and server operating systems
Strong knowledge of Secure Software Development Lifecycle (SDLC) processes and methodologies
Ability to develop security standards and guidelines based on best practices and industry standards.
Excellent interpersonal, communication, and presentation skills, including formal report writing experience.
Understanding of common security standards and healthcare related regulations and data privacy
Ability to assess complex multi-location projects as well as identify and recommend appropriate corrective measures to resolve security and privacy related issues.
Strong customer service orientation and the ability to project that attitude to customers in remote locations.
Ability to manage multiple prioritized tasks effectively.
Strong organization and time management skills
Works independently and works well in a team collaborative environment.
Skills in documenting risk and compliance activities
Previous work experience in a Biopharma organization is a plus.
Previous work experience in a cloud centric environment is a plus.
Previous experience working effectively with global teams across multiple time zones is a plus.
The salary range for this position is: $237,660.00 - $307,560.00. Gilead considers a variety of factors when determining base compensation, including experience, qualifications, and geographic location. These considerations mean actual compensation will vary. This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package. Benefits include company-sponsored medical, dental, vision, and life insurance plans*.
For additional benefits information, visit:
https://www.gilead.com/careers/compensation-benefits-and-wellbeing
* Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.
For jobs in the United States:
As an equal opportunity employer, Gilead Sciences Inc. is committed to a diverse workforce. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact ApplicantAccommodations@gilead.com for assistance.
For more information about equal employment opportunity protections, please view the 'Know Your Rights' poster.
NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT
YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT
PAY TRANSPARENCY NONDISCRIMINATION PROVISION
Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.
Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.
For Current Gilead Employees and Contractors:
Please log onto your Internal Career Site to apply for this job.