Executive Director, I.T.- Head of Security Architecture, Engineering, and Delivery

About Gilead Sciences

At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.

Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact.

We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.

Job Description

Gilead Sciences, Inc. is a research-based biopharmaceutical company founded in 1987. Together we deliver life-saving therapies to patients in need. With the commitment and drive you bring to the workplace every day, you will be part of a team that is changing the world and helping millions of people live healthier, more fulfilling lives. Our worldwide staff is a close community where you can see the tangible results of your contributions, where every individual matters, and everyone has a chance to enhance their skills through ongoing development. Our scientific focus has resulted in marketed products that are benefiting hundreds of thousands of people, a pipeline of late-stage drug candidates, and unmatched patient access programs to ensure medications are available to those who could otherwise not afford them. By joining Gilead, you will further our mission to address unmet medical needs and improve life by advancing the care of patients with life-threatening diseases.

Specific Responsibilities & Skills

The Head of Security Architecture, Engineering, and Delivery is a missioncritical leader responsible for safeguarding the integrity of Gilead’s scientific data, digital assets, and operational environments. Reporting to the CISO and serving as Deputy CISO, this role will direct the teams that architect, engineer, and deliver enterprise security capabilities that protect employees, patients, and the research that fuels Gilead’s innovation. As a senior member of the cross-functional Security Risk and Compliance organization, this leader will partner closely across Security Operations, Risk, Data Privacy, QA, Infrastructure, Network, and Business IT to translate complex and often ambiguous security requirements into clear guidance, ensuring the organization can innovate confidently while maintaining a strong security posture.

This is a site based role in Foster City, CA at our global headquarters. Remote work is not available for this particular position. We do offer optional work from home days on Monday and Friday with core colaboration days in the office.

This position sits at the forefront of Gilead’s digital and AIdriven transformation, uniquely positioned to design and secure the next generation of research platforms and data environments that accelerate the development and delivery of lifesaving therapies. The Head of Security Architecture, Engineering, and Delivery combines deep expertise in security policy, regulatory compliance, technology strategy, and secure development practices with the ability to navigate ambiguity and influence senior stakeholders. Acting as a deputy for the CISO, this leader will represent security across the enterprise, shaping decisions that protect Gilead from evolving cyber threats and strengthening the resilience of the systems and data that patients and employees depend on.

Key Responsibilities

• Manage team to develop, update & maintain information security standards and reference architecture.
• Lead and manage the Security Engineering team to deliver on Security capabilities.
• Lead and manage the Security Project Delivery team, including Program and Project managers, Business analysts, and technical delivery engineers.
• Lead and manage the Cyber Fusion Center operations, processes and be able to run the incident command and lead the incident investigations.
• Present the Security Investment portfolio to IT and business leaders and communicate the value of security investment.
• Lead and manage our Managed Service Provider solution delivery team to deliver on Security sustainment and investment projects.
• Support Merger & Acquisition related activities.
• Ensure IT activities, processes, and procedures meet defined requirements, policies and regulations.
• Work with Internal Audit, Project Managers, System Managers and Engineers - Track project findings, identify and resolve issues, analyze evidence, communicate with stakeholders, and facilitate the completion of cybersecurity related projects.
• Participate in other activities relating to information security or other functional areas as assigned.

Skills & Experience

• Bachelor of Science degree in management information systems, computer science, engineering or another IT-related major is required.
• 16+ years of relevant experience or 14+ years within master’s or PhD.
• 12+ years of cybersecurity professional experience, risk management, and governance practice.
• Information security related certifications such as CISSP, CRISC, CCSP, GIAC, etc.
• A minimum of 8-10 years of leadership responsibilities.
• Strong understanding of a wide variety of cybersecurity technologies relating to the following security domains: Audit and Monitoring, Risk Response & Recovery, SIEM, vulnerability management, Cryptography, Data Communications, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, cloud security, Multi-Factor Authentication, Passwordless Authentication, Digital Rights Management, PKI, Security for AI and AI for Security solutions.
• Strong understanding of NIST cyber security, and MITRE attack frameworks.
• Deep knowledge of IT Security and Privacy concepts and controls, and ability to develop security standards and guidelines based on best practices and industry standards.
• Able to lead teams through an incident from initial response, stakeholder communications and diagnosis to immediate and long-term remediation plans and activities.
• Knowledge of information security risk management frameworks and compliance practices.
• Knowledge of securing network technologies, client, and server operating systems.
• Strong knowledge of Secure Software Development Lifecycle (SDLC) processes and methodologies.
• Excellent interpersonal, communication, and presentation skills, including formal writing experience.
• Understanding of common security standards and healthcare related regulations and data privacy.
• Able to assess complex multi-location projects as well as identify and recommend appropriate corrective measures to resolve security and privacy related issues.
• Strong customer service orientation and the ability to project that attitude to customers in remote locations.
• Previous work experience in a Biopharma organization is a plus.
• Previous work experience in a cloud centric environment is a plus.
• Previous Deputy CISO or equivalent experience is a plus.

Compensation & Benefits

The salary range for this position is: $281,010.00 - $363,660.00. Gilead considers a variety of factors when determining base compensation, including experience, qualifications, and geographic location. These considerations mean actual compensation will vary. This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package. Benefits include company-sponsored medical, dental, vision, and life insurance plans*.

For Additional Benefits Information, Visit https://www.gilead.com/careers/compensation-benefits-and-wellbeing

Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.

Key skills/competency

• Security Architecture
• Cybersecurity Leadership
• Risk Management
• Security Engineering
• Incident Response
• Identity and Access Management
• Cloud Security
• Network Security
• Regulatory Compliance
• Team Leadership