At Gilead, we're creating a healthier world for all people. For more than 35 years, we've tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer, working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world's biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.
Every member of Gilead's team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we're looking for the next wave of passionate and ambitious people ready to make a direct impact.
We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.
Job Description
Overview
Gilead Sciences is a research-driven biopharmaceutical company committed to delivering lifesaving therapies to patients worldwide. Our teams work collaboratively to advance scientific innovation, accelerate access, and improve health outcomes across major therapeutic areas, including HIV/AIDS, liver diseases, oncology, inflammation, respiratory disease, and cardiovascular conditions.
As part of Gilead's global technology and security organization, the Sr. Director, Business Security, Risk & Compliance (SRC) Lead plays a critical role in shaping and securing the digital future of the enterprise.
This is a site-based role located at our headquarters in Foster City, CA. Remote work is not available for this particular position. We do offer a hybrid schedule of 2 days optional work from home/3 days onsite.
Role Summary
Reporting to the Chief Information Security Officer (CISO), the Sr. Director, Business Security, Risk & Compliance (SRC) Lead serves as the strategic security partner for Gilead's global business functions. This leader drives digital and AI-aligned security strategy, guides secure technology adoption, and ensures risk-informed decision-making across the enterprise.
The role collaborates closely with Information Security, Risk & Compliance leaders, IT Business Engagement, Enterprise Security Architecture, Infrastructure Engineering, Application Development teams, and business stakeholders across all regions. It also provides leadership and oversight for a global team of six security professionals responsible for developing, implementing, and supporting Gilead's information security, risk and compliance capabilities.
Core Responsibilities
Strategic Leadership & Digital Security Architecture
Lead the development and execution of Gilead's digital and AI-aligned security strategy.
Ensure cyber, AI, and information security risks are identified, assessed, communicated, and effectively managed; escalate material concerns as needed.
Translate business, digital, and technology strategies into secure architectural designs and roadmaps.
Drive system architecture decisions that balance functionality, service quality, performance, and security.
Business Partnership & Digital Enablement
Serve as the primary security advisor to global business functions, collaborating to evaluate emerging digital and AI initiatives.
Partner with IT Business Engagement teams to understand business priorities, requirements, and technology roadmaps.
Influence technology choices to ensure alignment with security standards and regulatory expectations.
Technology Strategy, Innovation & Solution Development
Evaluate and recommend emerging security technologies, tools, and platforms to enhance Gilead's digital security posture.
Lead the definition and evolution of security frameworks, standards, and reference architecture.
Drive continuous improvement of security processes, systems, and delivery capabilities.
Oversee the design and development of new digital security solutions and enhancements to existing capabilities.
Risk Management, Compliance & Controls
Ensure digital solutions meet regulatory, risk, and compliance requirements across regions (including EU and APAC).
Partner with Security Architecture & Governance and IT Risk & Compliance teams to define effective control requirements and operational implementation.
Conduct and oversee security assessments, penetration testing, vulnerability analysis, and remediation efforts.
Operational Leadership & Incident Response
Guide the deployment and optimization of security technologies including SIEM, IDS/IPS, SecOps tools, endpoint and network security, and firewalls.
In the event of a cyber incident, lead coordinated response with SOC, IT teams, and business partners to contain impact and support recovery.
Metrics, Reporting & Communication
Develop and track key performance indicators that measure the effectiveness of security controls and digital risk posture.
Create compelling executive presentations that articulate strategy, risks, solution architectures, and roadmaps to senior leaders and stakeholders.
Team Leadership & Talent Development
Lead and develop a high-performing, globally distributed Security, Risk & Compliance team.
Foster an inclusive, collaborative, and innovative team culture aligned with Gilead's core values.
Identify, attract, and retain top security talent, including management of external partners, vendors, and academic collaborators.
Capabilities & Requirements
Technical Expertise
Deep mastery of information security principles, architectures, and control frameworks.
Strong understanding of digital security, cloud technologies, AI-enabled security capabilities, and emerging security trends.
Experience with enterprise identity and access management, federated identity, SSO, and related architectures.
Proven capability in threat modeling, vulnerability management, forensics, and penetration testing.