Associate Director, IT Application Security

Associate Director, IT Application Security
United States - California - Foster City

Gilead Sciences, Inc. is a research-based bio-pharmaceutical company that discovers, develops and commercializes innovative medicines in areas of unmet medical need. With each new discovery and investigational drug candidate, we seek to improve the care of patients living with life-threatening diseases around the world. Gilead’s therapeutic areas of focus include HIV/AIDS, liver diseases, cancer and inflammation, and serious respiratory and cardiovascular conditions.

Making an impact on a global scale
Inclusion is one of the company’s five core values. That’s because we know that we are stronger and more innovative at Gilead when we are informed by a diverse set of backgrounds, experiences and points of view. Gilead Sciences is a biopharmaceutical company that discovers, develops and commercializes innovative therapeutics in areas of unmet medical need. The company's mission is to advance the care of patients suffering from life-threatening diseases worldwide.

When you join Gilead, you join our mission to change the world by enabling people to live healthier and more fulfilling lives. Come join a mission-driven bio-pharmaceutical organization that values inclusion and diversity, has a strong portfolio of products, and is constantly #CreatingPossible

For Current Gilead Employees and Contractors:

Please log onto your Internal Career Site to apply for this job.

At Gilead we believe every employee deserves a great leader. As a people leader now or in the future, we expect that you will model and create an environment of inclusion, be intentionally focused on the hiring, development, growth and retention of talent, and empower teams to align and achieve goals.
Job Description


Gilead Sciences, Inc. is a biopharmaceutical company that has pursued and achieved breakthroughs in medicine for more than three decades, with the goal of creating a healthier world for all people. The company is committed to pursuing scientific invention to prevent and treat life-threatening diseases, including HIV, viral hepatitis and cancer. Gilead has operations in more than 35 countries worldwide, with headquarters in Foster City, California.

You will be part of a team that is helping millions of people live healthier, more fulfilling lives. We are a close community where every individual matters and everyone has a chance to enhance their skills through ongoing development. Inclusion is one of our core values, which means we are creating and fostering a work environment where our differences are valued, and everyone feels respected and empowered to bring their authentic selves to work. By joining Gilead, you will further our mission to discover, develop and deliver innovative therapeutics for people with life-threatening diseases.

The Gilead Business Services center in Raleigh's North Hills is home to some of the company's critical shared service teams in North America, including Information Technology, Global Financial Solutions, HR Operations, R&D Data Science and Procurement Services Desk. These functions provide the necessary support to ensure Gilead's business runs effectively and efficiently. The center is a catalyst for standardization of processes, digital transformation and technology optimization.

The IT Application Security Associate Director is a key member of the Information Security and Privacy team and works closely with cross functional IT and business teams to ensure that ERP and other Enterprise application security are built, maintained and protected in accordance with the application security governance process, policies, standards, and compliance requirements so that the risk is managed appropriately. The candidate will assist with developing and implementing the desired end state of the Information Security and Privacy programs within application security landscape.

As part of the Application Security team, the IT Application Security Associate Director will lead and provide the end-to-end support of the application security and participate in projects to improve and enhance application security services and governance. This position responsibility will include working with application owners and business teams across the organization to onboard and implement security services for enterprise applications.

Essential Job Functions:

• Lead an operation team to support and manage security for SAP/ERP, SAP GRC, and other enterprise applications
  
• Interface with IT and Business teams across the organization to gather security requirement, implement and support application security changes.
  
• Work with IT and business teams to design and engineer roles and role mapping for enterprise applications
  
• Support SAST/DAST and Pen testing for SAP/ERP and other security applications
  
• Understanding of Account and Identity Management to support the Onboarding and Offboarding process.
  
• Support Single Sign on implementation.
  
• Assess alerts, research patch activity, and recommend appropriate remediation for patching applications and operating system.
  
• Ensure managed systems, applications and services are being monitor and implementing changes to meet (e.g. MSB, password rotation, security requirements) security compliance
  
• Demonstrate strong critical thinking and analytical skills
  
• Exceptional communication and organizational skills and ability to work as a part of a matrix organization
  
• Identifies application security processes and standards across IT that would benefit from improvement.
  
• Proposes new standards, tools, policies and procedures to improve security, compliance, and risk management activities in Gilead.
  
• Benchmarks innovative solutions as a method of monitoring progression to ensure value is being created and is consistent with organizational goals, objectives and standards.
  
• Leads the application security design of projects that entail greater risk and widespread implications to the business.
  
• Reports status on activities, issues, projects, etc. to senior IT security management, including the effectiveness and efficiency of security activities.
  
• Works with IT, Quality Assurance, and business colleagues to ensure audit readiness, and to prepare for internal and external audits.
  
• Reviews security documents and project artifacts for to identify issues and propose improvement.
  
• Assesses and manages compliance risks across the organization, escalating to senior management, as necessary.
  

Required Skills & Job Qualifications:

• Strong understanding of SAP security and/or other ERP application security
  
• Strong understanding of general application security and understand what is required to effectively manage security for applications
  
• High level understanding of Identity Management platforms and Privileged Identity Management
  
• Development skills with C#, SQL, PowerShell.
  
• Good working knowledge of office tools such as Excel and Microsoft Project.
  
• Strong knowledge of application, database, and network principles.
  
• Bachelor's degree plus 7+ years of IT and/or Security related experience.
  
• IT Security Certification (e.g., CISSP)
  
• Recognized as a key resource in the design and execution of security systems, demonstrating a thorough understanding of the security principles, mechanisms, and technical architectures.
  
• Possesses deep and broad compliance and regulatory expertise that can be applied across multiple Gilead businesses and geographies.
  
• Possesses knowledge and understanding of health authority regulation (e.g., GxP, 21 CFR Part 11, Annex 11) and their requirements to IT Security and Risk Management procedures and technology.
  
• Understands future trends in regulatory compliance and disseminates them throughout the organization.
  

Basis Qualifications

Associate's Degree and Twelve Years Experience OR Bachelor's Degree and Ten Years Experience OR

Master's Degree and Eight Years Experience

Soft Skills:

• Strong verbal and written communication skills with the ability to document and explain technical details clearly and concisely
  
• Demonstrates expertise in multiple areas of IT security.
  
• Demonstrate strong analytical and problem-solving skills.
  
• Demonstrate exceptional communication and organizational skills in a matrix distributed organization working closely with cross-functional groups.
  

Gilead Core Values:

• Integrity (Doing What's Right)
  
• Inclusion (Encouraging Diversity)
  
• Teamwork (Working Together)
  
• Excellence (Being Your Best)
  
• Accountability (Taking Personal Responsibility)
  

If this is not the right move for you now but remain interested in a career at Gilead Sciences, please connect with us via our Career Site: https://gilead.yello.co/job_boards/v42vD4vKxb3AkKvV93YsrQ

As an equal opportunity employer, Gilead Sciences Inc. is committed to a diverse workforce. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact careers@gilead.com for assistance.

For more information about equal employment opportunity protections, please view the ‘EEO is the Law' poster: https://www.eeoc.gov/employers/upload/poster_screen_reader_optimized.pdf

Notice: Employee Polygraph Protection Act: https://www.dol.gov/whd/regs/compliance/posters/eppac.pdf

Your rights under the Family and Medical Leave Act: https://www.dol.gov/whd/regs/compliance/posters/fmlaen.pdf

Pay transparency nondiscrimination provision: https://www.dol.gov/ofccp/pdf/pay-transp_formattedESQA508c.pdf

Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.

Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.

Gilead and Kite Careers


For jobs in the United States:

As an equal opportunity employer, Gilead Sciences Inc. is committed to a diverse workforce. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact careers@gilead.com for assistance.

Following extensive monitoring, research, consideration of business implications and advice from internal and external experts, Gilead has made the decision to require all U.S., Canada, Australia, Singapore, and Hong Kong employees and contractors to receive the COVID-19 vaccines as a condition of employment. “Full vaccination” is defined as two weeks after both doses of a two-dose vaccine or two weeks since a single-dose vaccine has been administered. Anyone unable to be vaccinated, either because of a sincerely held religious belief or a medical condition or disability that prevents them from being vaccinated, can request a reasonable accommodation.​

For more information about equal employment opportunity protections, please view the 'Know Your Rights' poster.

NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT
YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT

PAY TRANSPARENCY NONDISCRIMINATION PROVISION

Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.

Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.

For Current Gilead Employees and Contractors:

Please log onto your Internal Career Site to apply for this job.






jeid-04abbbd03f3287449f31731acc4fc9e7