At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.
Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact.
We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.
Job Description
Gilead Sciences, Inc. is a research-based biopharmaceutical company founded in 1987. Together we deliver life-saving therapies to patients in need. With the commitment and drive you bring to the workplace every day, you will be part of a team that is changing the world and helping millions of people live healthier, more fulfilling lives. Our worldwide staff is a close community where you can see the tangible results of your contributions, where every individual matters, and everyone has a chance to enhance their skills through ongoing development. Our scientific focus has resulted in marketed products that are benefiting hundreds of thousands of people, a pipeline of late-stage drug candidates, and unmatched patient access programs to ensure medications are available to those who could otherwise not afford them. By joining Gilead, you will further our mission to address unmet medical needs and improve life by advancing the care of patients with life-threatening diseases.
Specific Responsibilities & Skills
The Head of Security Architecture, Engineering, and Delivery is a missioncritical leader responsible for safeguarding the integrity of Gilead’s scientific data, digital assets, and operational environments. Reporting to the CISO and serving as Deputy CISO, this role will direct the teams that architect, engineer, and deliver enterprise security capabilities that protect employees, patients, and the research that fuels Gilead’s innovation. As a senior member of the cross-functional Security Risk and Compliance organization, this leader will partner closely across Security Operations, Risk, Data Privacy, QA, Infrastructure, Network, and Business IT to translate complex and often ambiguous security requirements into clear guidance, ensuring the organization can innovate confidently while maintaining a strong security posture.
This is a site based role in Foster City, CA at our global headquarters. Remote work is not available for this particular position. We do offer optional work from home days on Monday and Friday with core colaboration days in the office.
This position sits at the forefront of Gilead’s digital and AIdriven transformation, uniquely positioned to design and secure the next generation of research platforms and data environments that accelerate the development and delivery of lifesaving therapies. The Head of Security Architecture, Engineering, and Delivery combines deep expertise in security policy, regulatory compliance, technology strategy, and secure development practices with the ability to navigate ambiguity and influence senior stakeholders. Acting as a deputy for the CISO, this leader will represent security across the enterprise, shaping decisions that protect Gilead from evolving cyber threats and strengthening the resilience of the systems and data that patients and employees depend on.
The Head of Security Architecture, Engineering, and Delivery will be expected to demonstrate:
Domain Expertise: Expert level knowledge of Cyber Security capability areas, including Risk assessment and management, Identity and Access Management, Endpoint Security, Network Security, Platform Security, and application security. Able to function as a Deputy CISO.
Strategic mindset with the ability to execute: Define and deliver against security strategy to protect Gilead, implements automation, and drives for operational efficiencies.
Technology Strategy and Delivery: - Position Security as a key requirement to support business operations and understand the value of scalable and efficient technical solutions that provide visibility to threats and allows team the ability to quickly respond to and block threats with low operational overhead and technical debt.
Business Partnership - Serve as a trusted advisor to leaders within Business functions and IT and supports their mission. Partner with senior IT Security leadership to create technology strategies that support the objectives of their functions. Understand the value drivers of the Business and ensures IT Security solutions consider the balance between Security and User experience. Strong ability to partner with Managed Service providers and manage them to agree upon outcomes.
Financial Stewardship: Manage and contain project delivery costs and partner with the Security Operations lead to ensure ongoing cost is well understood and managed.
Leadership: Proven ability to build, develop, and lead teams and rally organization around the vision
ESSENTIAL JOB FUNCTIONS:
Key responsibilities for this position include (but are not limited to):
Manage team to develop, update & maintain information security standards and reference architecture.
Lead and manage the Security Engineering team to deliver on Security capabilities
Lead and manage the Security Project Delivery team, including Program and Project managers, Business analysts, and technical delivery engineers
Lead and manage the Cyber Fusion Center operations, processes and be able to run the incident command and lead the incident investigations
Present the Security Investment portfolio to IT and business leaders and communicate the value of security investment.
Lead and manage our Managed Service Provider solution delivery team to deliver on Security sustainment and investment projects.
Support Merger & Acquisition related activities
Ensure IT activities, processes, and procedures meet defined requirements, policies and regulations
Work with Internal Audit, Project Managers, System Managers and Engineers - Track project findings, identify and resolve issues, analyze evidence, communicate with stakeholders, and facilitate the completion of cybersecurity related projects
Participate in other activities relating to information security or other functional areas as assigned
SKILLS & EXPERIENCE
Bachelor of Science degree in management information systems, computer science, engineering or another IT-related major is required
16+ years of relevant experience or 14+ years within master’s or PhD
12+ years of cybersecurity professional experience, risk management, and governance practice
Information security related certifications such as CISSP, CRISC, CCSP, GIAC, etc.,
A minimum of 8-10 years of leadership responsibilities.
Strong understanding of a wide variety of cybersecurity technologies relating to the following security domains: Audit and Monitoring, Risk Response & Recovery, SIEM, vulnerability management, Cryptography, Data Communications, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, cloud security, Multi-Factor Authentication, Passwordless Authentication, Digital Rights Management, PKI, Security for AI and AI for Security solutions
Strong understanding of NIST cyber security, and MITRE attack frameworks
Deep knowledge of IT Security and Privacy concepts and controls, and ability to develop security standards and guidelines based on best practices and industry standards
Able to lead teams through an incident from initial response, stakeholder communications and diagnosis to immediate and long-term remediation plans and activities
Knowledge of information security risk management frameworks and compliance practices
Knowledge of securing network technologies, client, and server operating systems
Strong knowledge of Secure Software Development Lifecycle (SDLC) processes and methodologies
Excellent interpersonal, communication, and presentation skills, including formal writing experience
Understanding of common security standards and healthcare related regulations and data privacy
Able to assess complex multi-location projects as well as identify and recommend appropriate corrective measures to resolve security and privacy related issues
Strong customer service orientation and the ability to project that attitude to customers in remote locations
Previous work experience in a Biopharma organization is a plus
Previous work experience in a cloud centric environment is a plus
Previous Deputy CISO or equivalent experience is a plus
For additional benefits information, visit:
https://www.gilead.com/careers/compensation-benefits-and-wellbeing
* Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.
For jobs in the United States:
Gilead Sciences Inc. is committed to providing equal employment opportunities to all employees and applicants for employment, and is dedicated to fostering an inclusive work environment comprised of diverse perspectives, backgrounds, and experiences. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, sex, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact ApplicantAccommodations@gilead.com for assistance.
For more information about equal employment opportunity protections, please view the 'Know Your Rights' poster.
NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT
YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT
Gilead Sciences will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, (c) consistent with the legal duty to furnish information; or (d) otherwise protected by law.
Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.
Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.
For Current Gilead Employees and Contractors:
Please apply via the Internal Career Opportunities portal in Workday.