Sr Director IT Security Engineering

Sr. Director IT Security Engineering
United States - California - Foster City

Gilead Sciences, Inc. is a research-based bio-pharmaceutical company that discovers, develops and commercializes innovative medicines in areas of unmet medical need. With each new discovery and investigational drug candidate, we seek to improve the care of patients living with life-threatening diseases around the world. Gilead's therapeutic areas of focus include HIV/AIDS, liver diseases, cancer and inflammation, and serious respiratory and cardiovascular conditions.

Making an impact on a global scale
Inclusion is one of the company's five core values. That's because we know that we are stronger and more innovative at Gilead when we are informed by a diverse set of backgrounds, experiences and points of view. Gilead Sciences is a biopharmaceutical company that discovers, develops and commercializes innovative therapeutics in areas of unmet medical need. The company's mission is to advance the care of patients suffering from life-threatening diseases worldwide.

When you join Gilead, you join our mission to change the world by enabling people to live healthier and more fulfilling lives. Come join a mission-driven bio-pharmaceutical organization that values inclusion and diversity, has a strong portfolio of products, and is constantly

For Current Gilead Employees and Contractors:

Please log onto your Internal Career Site to apply for this job.

At Gilead, we're creating a healthier world for all people. For more than 35 years, we've tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer - working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world's biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.

Every member of Gilead's team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we're looking for the next wave of passionate and ambitious people ready to make a direct impact.

We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.

Job Description

Gilead Sciences is a biopharmaceutical company that discovers, develops and commercializes innovative therapeutics in areas of unmet medical need. The company's mission is to advance the care of patients suffering from life-threatening diseases worldwide. Headquartered in Foster City, California, Gilead has operations in North, South and Central America, Europe, Africa, Asia and Australia. Gilead makes it a priority to increase access to its medicines for people who can benefit from them, regardless of where they live or their economic status.

Specific Responsibilities & Skills

The Senior Director IT - Security Engineering will report directly to the Executive Director IT - Head of Security Architecture, Engineering, and Delivery and will manage, supervise, and govern the Security Engineering and Cyber Fusion Center teams responsible for delivering and enhancing security solutions and capabilities to protect Gilead from growing cyber threats. This position is a key member of the Security Risk and Compliance (SRC) team and will work closely with various IT teams (e.g.: Security Operations, Security Architecture, Data Privacy, Risk, Data Privacy, QA, IT Infrastructure, Network, and Business IT). They will provide expertise on Information Security engineering policies and standards, technology solutions, security and regulatory compliance, project management, managed services management, and SDLC. The person in this position will be required to understand all information security domains, interpret, and communicate information security requirements as defined by company policy. This position requires the person to work with ambiguous requirements and be able to work through them to help the business while keeping the risk to the organization at an acceptable level, delivering security engineering solutions and projects on time and on budget.

The Senior Director IT - Security Engineering should have skills that include:
•   Domain Expertise: Expert level knowledge of Cyber Security Engineering capability areas, including Endpoint Security; Network Security; Platform Security; Cloud Security; IoT/OT security; Security and Information Event Management (SIEM); Security Orchestration, Automation and Response (SOAR); Email Security; Mobile Security; Vulnerability Management; Cryptography and Certificate Management; Database and Data Security; Web Security, and Application Security. In addition, expert level knowledge of Cyber Fusion Center technologies, processes, and management areas, including Red, Blue, and Purple teaming, Insider Threat Management, Threat Intelligence Management, and Security Incident Management is required.
•   Strategic mindset with the ability to execute - Defines and delivers against security strategy to protect Gilead, implements automation, and drives for operational efficiencies.
•   Delivers on Technology Strategy - Sees security engineering and design and project delivery as a key requirement to support business operations and understands the value of scalable and efficient technical solutions that provide visibility to threats, allows team the ability to quickly respond to and block threats, with low operational overhead and technical debt.
•   Business Partnership - Serves as a trusted advisor to leaders within Business functions, IT and Kite TechOps, and supports their mission. Partners with senior SRC, Employee Experience, Kite TechOps leadership to create security engineering technology strategies that support the objectives of their functions. Understands the value drivers of the Business and ensures IT Security solutions consider the balance between Security and User experience. Strong ability to partner with Managed Service providers and manage them to agree upon outcomes.
•   Financial Stewardship : Plays a thorough role in managing and containing Security Engineering Project delivery costs, along with partnering with the Security Operations and Security Architecture leads to ensure ongoing cost is well understood and managed.
•   Leadership: Proven ability to build, develop, and lead teams and rally organization staff around the strategic visions and tactical approaches to their implementation.
ESSENTIAL JOB FUNCTIONS:

General responsibilities for this position will include (but are not limited to) the following:
•  Manage team to develop, update & maintain Information Security Engineering and Cyber Fusion Center standards and reference architecture.
•  Lead and manage the Security Engineering team to deliver on Security capabilities.
•  Lead and manage the Cyber Fusion Center and Cybersecurity Incident Response
•  Present the Security Engineering and Cyber Fusion Center Investment portfolio to SRC and IT leaders and communicate the value of the security investment.
•  Lead and manage our Managed Service Provider solution delivery teams to deliver on Security Engineering and Cyber Fusion Center sustainment and investment projects.
•  Partner with Security Architecture and Security Operations, including supporting the design and delivery needs of Identity and Access Management
•  Partner with Security Operations team to ensure Security tools are optimized and ensure SecOps team have proper knowledge transfer and documentation to support new Security tools.
•  Support Security Engineering needs of Merger & Acquisition related activities
•  Ensure Security Engineering and Cyber Fusion Center activities, processes, and procedures meet defined requirements, policies, and regulations.
•  Work with Internal Audit, Project Managers, System Managers and Engineers - Track project findings, identify and resolve issues, analyze evidence, communicate with stakeholders, and facilitate the completion of related projects with security engineering design or architecture needs.
•  Participate in other activities relating to information security or other functional areas as assigned.
BASIC QUALIFICATIONS:
•  18+ years' relevant experience with High School Diploma or equivalent
•  16+ years' relevant experience with AA
•  14+ years' relevant experience with BS / BA
•  12+ years' relevant experience with MS / MA / MBA
•  Computer Science or related discipline is preferred.
•  Information security related certifications such as CISSP, CRISC, CCSP, GIAC, etc.
PREFERRED QUALIFICATIONS:
•  Strong understanding of a wide variety of cybersecurity technologies relating to the following security domains: Audit and Monitoring, Risk Response & Recovery, SIEM, Vulnerability Management, Cryptography, Data Communications, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, Cloud Security, Multi-Factor Authentication, Passwordless Authentication, Digital Rights Management, and PKI.
•  Strong understanding of NIST cyber security framework, and MITRE attack matrix
•  Strong knowledge of IT Security and Privacy concepts and controls . click apply for full job details