This website uses cookies to ensure you get the best experience. Learn more
Gilead

Director, IT

Gilead Sciences is continuing to hire for all open roles. Our interview process may be conducted virtually and some roles will be asked to temporarily work from home. Over the coming weeks and months, we will be implementing a phased approach to bringing employees back to site to ensure the health and safety of our teams.

 

For Current Gilead Employees and Contractors:

Please log onto your Internal Career Site to apply for this job.

Job Description

POSITION SUMMARY

The Director of IT, Regional Chief Information Security Officer (CISO) is a senior security expert who will be located in Korea, serves as regional point of contact and is responsible for all aspects of information security and data privacy related compliance in Korea and other Asia Pacific countries. This individual contributor role will be part of the IT Security and Data Privacy team within Information Technology and work with Security, Legal, Infrastructure, Application and local business teams to ensure strong and seamless security and data privacy compliances in support of Gilead’s business strategies and processes.

ESSENTIAL JOB FUNCTIONS

  • Achieve full compliance with local government laws and regulations concerning information security and data privacy.
  • Act as a privileged point of contact for local business teams to solve security requests, incidents, threats and data privacy issues, coordinating with global processes..
  • Keeps abreast of changes in relevant laws and regulations such as the Personal Information Protection Act (“PIPA”) and the Act on Promotion of IT Network Utilization and Information Protection, Etc. (“Network Act”).
  • Possesses deep regional and technical domain expertise.
  • Detect, assess, investigate, remediate and recover from security issues.
  • Establish, manage and operate data security management system.
  • Analyze local and regional business environments (trends and business strategy) to uncover deficiencies and recommend solutions.
  • Good understanding of local systems, data flows and data classification.
  • Conduct privacy impact analysis and vendor risk assessments, escalating high-risk privacy or security issues as appropriate.
  • Oversee encryption-related functions and assess adequacy of secure servers.
  • Partner and collaborate within the IT security and data privacy group, other IT organizations, legal department and local business groups to achieve privacy and security solutions.
  • Support implementation of data privacy related policies, standards and procedures.
  • In the event of a local cyber incident or data breach, coordinate and manage response activities with SOC, Legal, local IT and the business.

REQUIRED SKILLS & JOB QUALIFICATIONS

  • Minimum 10+ years of IT experience with progressive responsibilities, and with at least 5 years of Cyber Security protection experience.
  • Security professional with a proven people management and leadership experience within the security industry.
  • Strong verbal and written communication skills in English and Korean, with the ability to adapt information delivery based on the target audience.
  • Ability to interpret, understand, and communicate real business risks in relation to technology risks.
  • Ability to create or review procedures for protection of systems and applications.
  • Knowledge of information security principles, concepts, practices, systems software, database software, and immediate access storage technology to carry out activities relating to security certification and accreditation.
  • Ability to provide expert technical advice, guidance, and recommendations to management and other technical specialists on critical information technology security issues.
  • Recommends and coordinates the application of fixes, patches, & recovery procedures in the event of a security breach.
  • Experience with security tools and platforms including SIEM, IPS/IDS, SecOps, Endpoint and Server protection, Network protection, Firewalls, etc.
  • Knowledge of Federated Identity Management, Single Sign On, and Enterprise class Identity and Access Management solutions (e.g. technology, processes, architecture, etc.)
  • Extensive experience in Cyber threat and vulnerability analysis and remediation.
  • Forensic examination and data preservation.
  • Significant experience doing internal and external penetration testing i.e. white hat hacking.
  • Ability to work in a fast paced, highly visible, changing environment.
  • Very strong security awareness and knowledge.
  • Strong understanding of key infrastructure systems (AD, Linux, Databases, Virtual Environment).
  • Proven ability at building working relationships with partners, peers, and senior Management.
  • Leads, performs or reviews security incident investigations.
  • Ability to multitask and manage multiple topics and demands concurrently.
  • Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect, change and release management.
  • Prior working experience in a Pharmaceutical company is a big plus.
  • Highly organized, results-oriented, practical and attentive to details.
  • Self-motivated, proactive, independent and responsive – requires little supervisory attention.
  • Excellent presentation, facilitation and diplomacy skills.
  • High level of personal integrity consistent with Gilead’s core values.

EDUCATION & CERTIFICATION

  • Bachelor of Science degree in management information systems, computer science, engineering or other IT-related major is required, or 10+ years of relevant experience.
  • 5 or more years of experience in IT security, privacy and risk management domains
  • Information Security Certifications (CISSP, etc.) or other related security certifications

Please submit your applications by clicking “APPLY” and profiles submitted to Gilead via other channel will NOT be registered.


 


For Current Gilead Employees and Contractors:

Please log onto your Internal Career Site to apply for this job.

Apply Now

Share this