About Gilead Sciences

Gilead Sciences is a leading research-driven biopharmaceutical company dedicated to creating a healthier world for all people. For over 35 years, Gilead has tackled some of the world's most pressing health challenges, including HIV, viral hepatitis, COVID-19, and cancer. The company relentlessly develops innovative therapies that improve lives and ensures global access to these treatments. Gilead's mission demands collaboration, determination, and a drive to make a difference, with every team member contributing to groundbreaking scientific innovations in HIV/AIDS, liver diseases, oncology, inflammation, respiratory disease, and cardiovascular conditions.

Headquartered in Foster City, California, Gilead fosters a culture where employees are empowered, included, and developed under exceptional leadership. As a global leader in biopharma, Gilead invests in cutting-edge research and digital transformation to accelerate access to therapies and enhance health outcomes worldwide.

Role Overview

The Sr. Director – Business Security, Risk & Compliance (SRC) Lead is a pivotal leadership role within Gilead's global technology and security organization. Reporting directly to the Chief Information Security Officer (CISO), this position shapes the enterprise's digital future by driving a digital and AI-aligned security strategy. Based at Gilead's headquarters in Foster City, CA, this site-based role offers a hybrid schedule with 2 optional work-from-home days and 3 days onsite. Remote work is not fully available.

This leader partners strategically with business functions worldwide, guiding secure technology adoption, ensuring risk-informed decisions, and overseeing a global team of six security professionals. Ideal for seasoned cybersecurity executives passionate about biopharma innovation, the role demands expertise in cyber risks, AI security, regulatory compliance, and enterprise architecture.

Key Responsibilities

Strategic Leadership & Digital Security Architecture

Lead the development and execution of Gilead’s digital and AI-aligned security strategy. Identify, assess, communicate, and manage cyber, AI, and information security risks, escalating material concerns. Translate business, digital, and technology strategies into secure architectural designs and roadmaps, balancing functionality, performance, and security.

Business Partnership & Digital Enablement

Act as the primary security advisor to global business functions, evaluating emerging digital and AI initiatives. Collaborate with IT Business Engagement teams to align technology choices with security standards and regulations across regions, including EU and APAC.

Technology Strategy, Innovation & Solution Development

Evaluate emerging security technologies like SIEM, IDS/IPS, SecOps tools, endpoint protection, and firewalls. Define and evolve security frameworks, standards, and reference architectures. Oversee the design, development, and continuous improvement of digital security solutions.

Risk Management, Compliance & Controls

Ensure digital solutions comply with regulatory requirements. Partner with Security Architecture & Governance and IT Risk & Compliance teams for control implementation. Conduct security assessments, penetration testing, vulnerability analysis, and remediation.

Operational Leadership & Incident Response

Guide deployment of security technologies and lead coordinated responses to cyber incidents with SOC, IT, and business partners. Deliver metrics, reporting, and communication to stakeholders.

Qualifications & Requirements

Candidates should possess 15+ years of progressive experience in information security, with at least 10 years in leadership roles within regulated industries like biopharma or healthcare. A Bachelor's or Master's degree in Computer Science, Cybersecurity, Information Technology, or a related field is required; advanced certifications such as CISSP, CISM, or CRISC are highly valued.

Key qualifications include deep expertise in AI and digital security risks, enterprise architecture, global compliance (e.g., GDPR, HIPAA), and leading distributed teams. Proven ability to influence C-suite stakeholders, drive innovation, and manage incidents in high-stakes environments is essential. Strong communication skills and a passion for Gilead's mission in HIV, oncology, and inflammatory diseases set top candidates apart.

Benefits & Perks

Gilead offers a premium compensation package, including a competitive base salary estimated at $300,000–$400,000 annually (based on biopharma sector rates for Sr. Director roles in Foster City, CA), performance bonuses, and equity. Comprehensive benefits encompass medical, dental, vision coverage, 401(k) matching, and generous PTO.

Employees enjoy hybrid flexibility, onsite fitness centers, wellness programs, and tuition reimbursement. Gilead prioritizes work-life balance, diversity, and inclusion, creating an empowering environment for professional growth.

Career Growth

As a people leader at Gilead, you'll drive cultural evolution and employee development. This role offers visibility to executive leadership, opportunities to shape global security strategy, and pathways to CISO or VP-level positions. Gilead invests in leadership training, mentorship, and cross-functional projects, positioning you for long-term success in biopharma security.

Why Join Gilead

Join a company at the forefront of therapies for HIV, oncology, and inflammatory diseases, where your security expertise directly supports life-changing innovations. Gilead's collaborative culture, bold ambitions, and commitment to employee aspirations make it an ideal place for ambitious leaders. Be part of a team fighting the world's biggest health challenges while advancing your career in a dynamic, innovative environment.

Role FAQs

Q: Is this role fully remote? A: No, it's hybrid: 2 days optional WFH and 3 days onsite in Foster City, CA.

Q: What therapeutic areas does Gilead focus on? A: HIV/AIDS, oncology, inflammatory diseases, liver diseases, respiratory, and cardiovascular conditions.

Q: Who does this role report to? A: The Chief Information Security Officer (CISO).

Q: What team size is managed? A: A global team of six security professionals.

Q: Are there travel requirements? A: Yes, collaboration across regions may involve travel.