Head of Security Architecture
Engineering, And Delivery
Posted on 11/9/2022
INACTIVE
Gilead Sciences

10,001+ employees

Critical disease biopharmaceutical development
Company Overview
Gilead’s mission is to discover, develop and deliver innovative therapeutics for people with life-threatening diseases. The company is committed to creating a healthier world for everyone through their research, development of forward medicines, and clinical trials.
Biotechnology

Company Stage

N/A

Total Funding

$15.9B

Founded

1987

Headquarters

Foster City, California

Growth & Insights
Headcount

6 month growth

1%

1 year growth

5%

2 year growth

6%
Locations
San Carlos, CA, USA • Raleigh, NC, USA
Experience Level
Entry
Junior
Mid
Senior
Expert
Desired Skills
Communications
Management
Customer Service
Requirements
  • Domain Expertise: Expert level knowledge of Cyber Security capability areas, including Risk assessment and management, Identity and Access Management, Endpoint Security, Network Security, Platform Security, and application security. Able to function as a Deputy CISO
  • Strategic mindset with the ability to execute - Defines and delivers against security strategy to protect Gilead, implements automation, and drives for operational efficiencies
  • Delivers on Technology Strategy - Sees Security as a key requirement to support business operations, and understands the value of scalable and efficient technical solutions that provide visibility to threats, allows team the ability to quickly respond to and block threats, with low operational overhead and technical debt
  • Business Partnership - Serves as a trusted advisor to leaders within Business functions and IT, and supports their mission. Partners with senior IT Security leadership to create technology strategies that support the objectives of their functions. Understands the value drivers of the Business and ensures IT Security solutions take into account the balance between Security and User experience. Strong ability to partner with Managed Service providers and manage them to agreed upon outcomes
  • Financial Stewardship: Plays a thorough role in managing and containing Project delivery costs, along with partnering with the Security Operations lead to ensure ongoing cost is well understood and managed
  • Leadership: Proven ability to build, develop, and lead teams and rally organization around the vision
  • Bachelor of Science degree in management information systems, computer science, engineering or another IT-related major is required
  • Information security related certifications such as CISSP, CRISC, CCSP, GIAC, etc
  • 16+ years of relevant experience or 14+ years within Masters or PhD
  • 12+ years of cybersecurity professional experience, risk management, and governance practice
  • A minimum of 8-10 years of leadership responsibilities
  • Strong understanding of a wide variety of cybersecurity technologies relating to the following security domains: Audit and Monitoring, Risk Response & Recovery, SIEM, vulnerability management, Cryptography, Data Communications, Computer Operations Security, Telecommunications & Network Security, Security Architecture & Models, cloud security, Multi-Factor Authentication, Passwordless Authentication, Digital Rights Management, PKI
  • Strong understanding of NIST cyber security framework, and MITRE attack matrix
  • Strong knowledge of IT Security and Privacy concepts and controls
  • Knowledge of information security risk management frameworks and compliance practices
  • Knowledge of securing network technologies, client, and server operating systems
  • Strong knowledge of Secure Software Development Lifecycle (SDLC) processes and methodologies
  • Ability to develop security standards and guidelines based on best practices and industry standards
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience
  • Understanding of common security standards and healthcare related regulations and data privacy
  • Ability to assess complex multi-location projects as well as identify and recommend appropriate corrective measures to resolve security and privacy related issues
  • Strong customer service orientation and the ability to project that attitude to customers in remote locations
  • Ability to manage multiple prioritized tasks effectively
  • Strong organization and time management skills
  • Works independently and works well in a team collaborative environment
  • Skills in documenting risk and compliance activities
Responsibilities
  • Manage team to develop, update & maintain information security standards and reference architecture
  • Lead and manage the Security Engineering team to deliver on Security capabilities
  • Lead and manage the Security Project Delivery team, including Program and Project managers, Business analysts, and technical delivery engineers
  • Present the Security Investment portfolio to IT and business leaders, and communicate the value of the security investment
  • Lead and manage our Managed Service Provider solution delivery team to deliver on Security sustainment and investment projects
  • Support Merger & Acquisition related activities
  • Ensure IT activities, processes, and procedures meet defined requirements, policies and regulations
  • Work with Internal Audit, Project Managers, System Managers and Engineers - Track project findings, identify and resolve issues, analyze evidence, communicate with stakeholders, and facilitate the completion of cybersecurity related projects
  • Participate in other activities relating to information security or other functional areas as assigned
Desired Qualifications
  • Previous work experience in a Biopharma organization is a plus
  • Previous work experience in a cloud centric environment is a plus