Security Risk Assessment Jobs in California (NOW HIRING)

At Gilead, we're creating a healthier world for all people. For more than 35 years, we've tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer - working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world's biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference.
Every member of Gilead's team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we're looking for the next wave of passionate and ambitious people ready to make a direct impact.
We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.
Job Description
Overview
Gilead Sciences is a research driven biopharmaceutical company committed to delivering lifesaving therapies to patients worldwide. Our teams work collaboratively to advance scientific innovation, accelerate access, and improve health outcomes across major therapeutic areas, including HIV/AIDS, liver diseases, oncology, inflammation, respiratory disease, and cardiovascular conditions.
As part of Gilead's global technology and security organization, the Sr. Director, Business Security, Risk & Compliance (SRC) Lead plays a critical role in shaping and securing the digital future of the enterprise.
This is a site based role located at our headquarters in Foster City, CA. Remote work is not available for this particular position. We do offer a hybrid schedule of 2 days optional work from home/3 days onsite.
Role Summary
Reporting to the Chief Information Security Officer (CISO), the Sr. Director, Business Security, Risk & Compliance (SRC) Lead serves as the strategic security partner for Gilead's global business functions. This leader drives digital and AI aligned security strategy, guides secure technology adoption, and ensures risk informed decision making across the enterprise.
The role collaborates closely with Information Security, Risk & Compliance leaders, IT Business Engagement, Enterprise Security Architecture, Infrastructure Engineering, Application Development teams, and business stakeholders across all regions. It also provides leadership and oversight for a global team of six security professionals responsible for developing, implementing, and supporting Gilead's information security, risk and compliance capabilities.
Core Responsibilities
Strategic Leadership & Digital Security Architecture

• Lead the development and execution of Gilead's digital and AI aligned security strategy.

• Ensure cyber, AI, and information security risks are identified, assessed, communicated, and effectively managed; escalate material concerns as needed.

• Translate business, digital, and technology strategies into secure architectural designs and roadmaps.

• Drive system architecture decisions that balance functionality, service quality, performance, and security.

Business Partnership & Digital Enablement

• Serve as the primary security advisor to global business functions, collaborating to evaluate emerging digital and AI initiatives.

• Partner with IT Business Engagement teams to understand business priorities, requirements, and technology roadmaps.

• Influence technology choices to ensure alignment with security standards and regulatory expectations.

Technology Strategy, Innovation & Solution Development

• Evaluate and recommend emerging security technologies, tools, and platforms to enhance Gilead's digital security posture.

• Lead the definition and evolution of security frameworks, standards, and reference architecture.

• Drive continuous improvement of security processes, systems, and delivery capabilities.

• Oversee the design and development of new digital security solutions and enhancements to existing capabilities.

Risk Management, Compliance & Controls

• Ensure digital solutions meet regulatory, risk, and compliance requirements across regions (including EU and APAC).

• Partner with Security Architecture & Governance and IT Risk & Compliance teams to define effective control requirements and operational implementation.

• Conduct and oversee security assessments, penetration testing, vulnerability analysis, and remediation efforts.

Operational Leadership & Incident Response

• Guide the deployment and optimization of security technologies including SIEM, IDS/IPS, SecOps tools, endpoint and network security, and firewalls.

• In the event of a cyber incident, lead coordinated response with SOC, IT teams, and business partners to contain impact and support recovery.

Metrics, Reporting & Communication

• Develop and track key performance indicators that measure the effectiveness of security controls and digital risk posture.

• Create compelling executive presentations that articulate strategy, risks, solution architectures, and roadmaps to senior leaders and stakeholders.

Team Leadership & Talent Development

• Lead and develop a high performing, globally distributed Security, Risk & Compliance team.

• Foster an inclusive, collaborative, and innovative team culture aligned with Gilead's core values.

• Identify, attract, and retain top security talent, including management of external partners, vendors, and academic collaborators.

Capabilities & Requirements
Technical Expertise

• Deep mastery of information security principles, architectures, and control frameworks.

• Strong understanding of digital security, cloud technologies, AIenabled security capabilities, and emerging security trends.

• Experience with enterprise identity and access management, federated identity, SSO, and related architectures.

• Proven capability in threat modeling, vulnerability management, forensics, and penetration testing.

Leadership & Business Acumen

• Demonstrated ability to define and articulate a security vision and link it to business priorities.

• Experience serving as a Business Information Security Officer (BISO) or similar security leadership role in a global organization.

• Strong communication, influence, facilitation, and negotiation skills across technical and nontechnical audiences.

• Proven track record leading teams, managing complex environments, and delivering results through collaboration.

Additional Qualifications

• Experience in regulated environments, including SOX, GxP compliant operations.

• Background in Pharma or Biotech preferred but not required.

Competency

• Strategic Thinking & Business Vision

• Innovation & Continuous Improvement

• Global Mindset

• Stakeholder Management

• Agility, Adaptability & Tolerance for Ambiguity

• Influence, Persistence & Accountability

• Team Leadership & Talent Development

Education & Experience

• Bachelor's degree in computer science, Information Systems, Business, or related field; advanced degree preferred.

• 10+ years of experience in IT, enterprise applications, or business technology functions.

• 4-5+ years of experience in cybersecurity, privacy, or risk management leadership roles.

• Industry certifications such as CISSP or equivalent strongly preferred.

• Experience in both established enterprises and highgrowth environments is advantageous.

Gilead Core Values

• Integrity - Doing What's Right

• Inclusion - Encouraging Diversity

• Teamwork - Working Together

• Excellence - Being Your Best

• Accountability - Taking Personal Responsibility

Equal Employment Opportunity
Gilead Sciences is an equal opportunity employer committed to an inclusive and diverse workforce. Applicants requiring accommodations during the application process may contact careers@gilead.com for assistance.
The salary range for this position is: $243,100.00 - $314,600.00. Gilead considers a variety of factors when determining base compensation, including experience, qualifications, and geographic location. These considerations mean actual compensation will vary. This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package. Benefits include company-sponsored medical, dental, vision, and life insurance plans*.
For additional benefits information, visit:
https://www.gilead.com/careers/compensation-benefits-and-wellbeing
* Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.
For jobs in the United States:
Gilead Sciences Inc. is committed to providing equal employment opportunities to all employees and applicants for employment, and is dedicated to fostering an inclusive work environment comprised of diverse perspectives, backgrounds, and experiences. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, sex, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact ApplicantAccommodations@gilead.com for assistance.
For more information about equal employment opportunity protections, please view the 'Know Your Rights' poster.
NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT
YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT
Gilead Sciences will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, (c) consistent with the legal duty to furnish information; or (d) otherwise protected by law.
Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.
Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.
For Current Gilead Employees and Contractors:
Please apply via the Internal Career Opportunities portal in Workday.