Assoc Director, IT Architecture

At Gilead, we’re creating a healthier world for all people. For more than 35 years, we’ve tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer – working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe.

We continue to fight against the world’s biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference. Every member of Gilead’s team plays a critical role in the discovery and development of life-changing scientific innovations.

Our employees are our greatest asset as we work to achieve our bold ambitions, and we’re looking for the next wave of passionate and ambitious people ready to make a direct impact. We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite.

As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together.

Job Description Role Summary Reporting to the Sr. Director, Security Architecture, the Associate Director, Security Architecture, Information Technology Risk & Compliance (SRC) serves as the strategic security partner for Gilead’s global business functions.

This leader drives aligned DSP security strategy, guides secure technology adoption. The role collaborates closely with Information Security, Risk & Compliance leaders, IT Business Engagement, Enterprise Security Architecture, Infrastructure Engineering, Application Development teams, business stakeholders and Legal and Compliance departments across all regions.

ESSENTIAL JOB FUNCTIONS: Understand, advocate, and influence alignment with business and IT strategy, ensuring security architecture supports enterprise objectives Analyze business context, trends, and strategic drivers to translate requirements into appropriate technical architectures, security strategies, and multi-year roadmaps Lead requirements gathering, documentation, and traceability for strategic initiatives (e.g., DSP) ensuring alignment between business needs, technical design, and regulatory/compliance requirements Serve as the primary SRC representative and interface for assigned initiatives, including participation in cross-functional program forums (e.g., PM calls), to ensure alignment and continuity across architecture, development, and delivery activities Partner with development, testing, and operations teams to support the end-to-end solution lifecycle, including design validation, implementation support, process documentation, training, and rollout of security and procurement-related capabilities Act as a key liaison with Legal, Compliance and Procurement stakeholders to ensure systems, processes, and tools align with regulatory obligations and evolving policy requirements Research emerging security technologies and industry trends to support continuous security enhancement and innovation efforts Analyze the current technology environment to identify critical deficiencies, risks, and improvement opportunities, and recommend pragmatic solutions Create and deliver clear, executive level presentations to articulate architecture strategies and ensure alignment with Department of Justice (DSP) security standards Help define and maintain the principles that guide DSP technical architecture decisions, standards, and tradeoffs across the enterprise Lead and facilitate the evaluation, selection, and standardization of security technologies, including defining implementation patterns and best practices Consult on solution architecture for in-scope initiatives to ensure compliance with DSP security architecture standards and enterprise guardrails Review and assess existing security solutions for effectiveness and efficiency, and develop strategies to enhance alignment with current DSP standards Participate in security incident investigations as needed, providing architectural guidance and root cause insight Support internal and external audits, penetration testing, and vulnerability assessments by contributing to responses and recommending risk mitigation actions Assist in developing, formalizing, and maintaining security policies, procedures, and technical standards, and support monitoring and enforcement of compliance REQUIRED SKILLS & JOB QUALIFICATIONS: Architecture & Technical Expertise Strong, track record of designing secure architectures for complex solutions and an ability to deliver results through partnering with stakeholders in IT and the business Solid understanding of "Cloud Architectures" (e.g., SaaS, PaaS, IaaS) and the ability to address the unique considerations of secure Cloud computing (including effective monitoring) Strong experience with mid/large global enterprises with large geographical topologies Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management Security Knowledge & Standards Knowledge of current Department of Justice (DOJ) technical security and Transfer standards.

Broad understanding of security domains including governance, risk management, audit and monitoring, cryptography, data protection, network security, vulnerability management, and incident response Experience aligning technical solutions with regulatory and compliance requirements, including working with Legal, Compliance, and Procurement functions Strong Knowledge of IS and Privacy Frameworks/standards such as SSAE16 Type II, Safe Harbor, ISO/IEC 2700x series, NIST 800-53, COBIT, HITRUST, HIPAA, PCI etc.

Strategy & Vision Ability to translate business strategy, regulatory requirements, and risk posture into actionable security architectures, roadmaps, and multi-year plans Experience driving end-to-end solution lifecycle execution, including architecture, design validation, implementation support, testing, and operational rollout Ability to identify gaps, risks, and deficiencies in the current environment and develop pragmatic, prioritized remediation strategies Communication & Leadership Skills Exceptional interpersonal skills in areas such as teamwork, facilitation and negotiation along with demonstrated ability to communicate effectively and influence technology decisions at all levels (from senior IT and business management & leaders to technical contributors & staff) Strong verbal and written communication skills Skilled at translating complex technical concepts into business-relevant outcomes and decisions Ability to document processes, architectures, and requirements in a structured, consumable manner EDUCATION & CERTIFICATION Bachelor's degree in computer science, MIS, CS or other IT related major 10 or more years of experience in IT security, privacy and risk management domains Information Security Certifications (CISSP, etc.) or other related security certifications Additional Preferred Skills Prior working experience in a pharmaceutical company is a big plus Highly organized, results-oriented and attentive to details, self-motivated, proactive, independent and responsive – requires little supervisory attention The salary range for this position is: $195,670.00 - $253,220.00.

Gilead considers a variety of factors when determining base compensation, including experience, qualifications, and geographic location. These considerations mean actual compensation will vary. This position may also be eligible for a discretionary annual bonus, discretionary stock-based long-term incentives (eligibility may vary based on role), paid time off, and a benefits package.

Benefits include company-sponsored medical, dental, vision, and life insurance plans*. For additional benefits information, visit: https://www.gilead.com/careers/compensation-benefits-and-wellbeing * Eligible employees may participate in benefit plans, subject to the terms and conditions of the applicable plans.

For jobs in the United States: Gilead Sciences Inc. is committed to providing equal employment opportunities to all employees and applicants for employment, and is dedicated to fostering an inclusive work environment comprised of diverse perspectives, backgrounds, and experiences.

Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, sex , age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws.

In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact ApplicantAccommodations@gilead.com for assistance.

For more information about equal employment opportunity protections, please view the 'Know Your Rights' poster. NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT Gilead Sciences will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant.

However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, (c) consistent with the legal duty to furnish information; or (d) otherwise protected by law.

Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team. Gilead provides a work environment free of harassment and prohibited conduct.

We promote and support individual differences and diversity of thoughts and opinion. For Current Gilead Employees and Contractors: Please apply via the Internal Career Opportunities portal in Workday.