Senior Manager, IT Security & Privacy
8d ago

Job Description

The Senior Manager, IT is a key member of the Information Security and Data Privacy team and works closely with IT and other business stakeholders to develop, update and maintain security policies, standards, and baseline requirements to manage information risk to Gilead appropriately.

The candidate will assist with developing and implementing the desired end state of the Information Security and Privacy programs, including but not limited to IT Risk management and Security Governance.


  • Evaluate, design, and recommend appropriate changes to integrate security within various on-going projects and / or solutions to comply with Gilead security policies, standards and baselines.
  • Collaborate on select security projects including development of requirements, evaluation of competing products, selection and implementation of products.
  • Recommends and coordinates the application of fixes, patches, & recovery procedures in the event of a security breach.
  • Assists in the testing of controls and the remediation of any deficiencies identified.
  • Conduct risk assessments and evaluate risk based on vulnerability assessment and / or penetration test results.
  • Assist in formalizing and updating security policies, procedures and technical standards and auditing / monitoring compliance with those standards.
  • Leads, performs or reviews software security evaluations and security exception management.
  • Assist in developing responses to internal & external audits, penetration tests and vulnerability assessments, as needed.

  • Minimum 8 years of progressively responsible IT security experience with at least 5-6 years of security / infrastructure assessment experience.
  • Security professional with proven experience within the security industry
  • Strong verbal and written communication skills with the ability to adapt information delivery based on the target audience
  • Ability to work in a fast-paced, highly visible, changing environment.
  • Proven track record in identifying security gaps and recommending appropriate security controls to mitigate risk to Gilead.
  • Proven track record in conducting IT risk and security assessments of solutions (Security or Business Specific).
  • Significant experience in developing information security related policies, standards and baseline requirements.
  • Significant experience in evaluating internal and external penetration testing results i.e. white hat hacking.
  • Strong Knowledge of Security Frameworks (ISO 27002, NIST 800-53, COBIT, HITRUST)
  • Knowledge of security regulations and standards (HIPAA, HITECH, PCI)
  • Must be able to perform hands-on evaluation for a wide range of software from a security perspective.
  • Proven ability at building working relationships with partners and peers.
  • Excellent analytical and problem-solving skills.
  • Ability to multitask and manage multiple topics and demands concurrently
  • Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management
  • Prior working experience in a Pharmaceutical company is a big plus
  • Highly organized, results-oriented and attentive to details
  • High level of personal integrity consistent with Gilead’s core values
  • Performs other duties as assigned.

  • 8+ years of relevant experience
  • Bachelor of Science degree in management information systems, computer science, engineering or other IT-related major is required
  • Information Security Certification (CISSP, CRISC, etc.) or other related security certification is highly desired
  • Microsoft, Linux, Unix, and Cisco certifications would be an asset
