Sr. Director – Business Security, Risk & Compliance (SRC) Lead

About The Position

Requirements

• Technical Expertise Deep mastery of information security principles, architectures, and control frameworks.
• Strong understanding of digital security, cloud technologies, AI enabled security capabilities, and emerging security trends.
• Experience with enterprise identity and access management, federated identity, SSO, and related architectures.
• Proven capability in threat modeling, vulnerability management, forensics, and penetration testing.
• Leadership & Business Acumen Demonstrated ability to define and articulate a security vision and link it to business priorities.
• Experience serving as a Business Information Security Officer (BISO) or similar security leadership role in a global organization.
• Strong communication , influence, facilitation, and negotiation skills across technical and non technical audiences.
• Proven track record leading teams, managing complex environments, and delivering results through collaboration.
• Bachelor’s degree in computer science, Information Systems, Business, or related field; advanced degree preferred.
• 10+ years of experience in IT, enterprise applications, or business technology functions.
• 4–5+ years of experience in cybersecurity, privacy, or risk management leadership roles.
• Industry certifications such as CISSP or equivalent strongly preferred.

Nice To Haves

• Experience in regulated environments, including SOX , GxP compliant operations.
• Background in Pharma or Biotech preferred but not .
• Experience in both established enterprises and high growth environments is advantageous .

Responsibilities

• Strategic Leadership & Digital Security Architecture Lead the development and execution of Gilead’s digital and AI aligned security strategy.
• Ensure cyber, AI, and information security risks are identified , assessed, communicated, and effectively managed; escalate material concerns as needed.
• Translate business, digital, and technology strategies into secure architectural designs and roadmaps.
• Drive system architecture decisions that balance functionality, service quality, performance, and security.
• Business Partnership & Digital Enablement Serve as the primary security advisor to global business functions, collaborating to evaluate emerging digital and AI initiatives.
• Partner with IT Business Engagement teams to understand business priorities, requirements, and technology roadmaps.
• Influence technology choices to ensure alignment with security standards and regulatory expectations.
• Technology Strategy, Innovation & Solution Development Evaluate and recommend emerging security technologies, tools, and platforms to enhance Gilead’s digital security posture.
• Lead the definition and evolution of security frameworks, standards, and reference architecture.
• Drive continuous improvement of security processes, systems, and delivery capabilities.
• Oversee the design and development of new digital security solutions and enhancements to existing capabilities.
• Risk Management, Compliance & Controls Ensure digital solutions meet regulatory, risk, and compliance requirements across regions (including EU and APAC).
• Partner with Security Architecture & Governance and IT Risk & Compliance teams to define effective control requirements and operational implementation.
• Conduct and oversee security assessments, penetration testing, vulnerability analysis, and remediation efforts.
• Operational Leadership & Incident Response Guide the deployment and optimization of security technologies including SIEM, IDS/IPS, SecOps tools, endpoint and network security, and firewalls.
• In the event of a cyber incident, lead coordinated response with SOC, IT teams, and business partners to contain impact and support recovery.
• Metrics, Reporting & Communication Develop and track key performance indicators that measure the effectiveness of security controls and digital risk posture.
• Create compelling executive presentations that articulate strategy, risks, solution architectures, and roadmaps to senior leaders and stakeholders.
• Team Leadership & Talent Development Lead and develop a high performing , globally distributed Security, Risk & Compliance team.
• Foster an inclusive, collaborative, and innovative team culture aligned with Gilead’s core values.
• Identify , attract, and retain top security talent, including management of external partners, vendors, and academic collaborators.

Benefits

• This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package.
• Benefits include company-sponsored medical, dental, vision, and life insurance plans.
• For additional benefits information, visit: https://www.gilead.com/careers/compensation-benefits-and-wellbeing
• Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.