Sr. Manager, IT Risk and Compliance - Foster City, CA
About The Position
The Sr. Manager, DOJ Data Security Program is part of Gilead’s Security Risk & Compliance (SRC) Governance team and leads efforts to ensure ongoing compliance with Department of Justice (DOJ) Data Security Program (DSP) requirements. This role partners across IT, Security, Legal, Privacy, Compliance, and business teams to ensure controls are effective, risks are managed, and the organization maintains a continuous state of audit readiness. The position combines regulatory knowledge, control oversight, and cross-functional collaboration to drive a proactive compliance program. The role also owns the DOJ Compliance Portal, enabling real-time visibility into compliance status, control performance, and audit evidence.
Requirements
- Bachelor's Degree and Eight Years' Experience OR Masters' Degree and Six Years' Experience
- 7+ years of experience in GRC, IT security, compliance, or audit readiness
- Experience working in regulated environments (e.g., healthcare, life sciences, or data security)
- Familiarity with regulatory frameworks and control-based compliance programs
- Experience implementing or monitoring controls and managing audit readiness activities
- Experience with GRC tools or compliance management platforms
- Strong understanding of control design, testing, and monitoring
- Familiarity with AI governance, Responsible AI, or emerging technology risk and compliance considerations
- Ability to work cross-functionally and influence stakeholders
- Strong analytical skills and attention to detail
- Excellent communication and stakeholder engagement skills
Responsibilities
- Lead and maintain a continuous DOJ audit readiness program aligned with regulatory and internal policy requirements
- Manage the DOJ Compliance Portal, ensuring accurate, complete, and timely tracking of controls and evidence
- Monitor regulatory changes and translate DOJ requirements into practical controls and processes
- Partner with control owners and system teams to ensure controls are properly designed and operating effectively
- Perform control monitoring, testing, and gap assessments to identify risks and areas for improvement
- Drive issue tracking and remediation, ensuring timely resolution of deficiencies
- Provide clear reporting and dashboards on compliance status, risks, and remediation progress
- Collaborate cross-functionally to ensure consistent execution of compliance and governance practices
- Identify opportunities to improve processes, automation, and efficiency across compliance activities
- Coordinate and manage 3rd party service providers as needed to support projects and more
- Assist with research and special projects as needed
Benefits
- company-sponsored medical, dental, vision, and life insurance plans
- discretionary annual bonus
- discretionary stock-based long-term incentives
- paid time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Manager
