Sr. Director – Business Security, Risk & Compliance (SRC) Lead

**This is a site based role located at our headquarters in Foster City, CA. Remote work is not available for this particular position. We do offer a hybrid schedule of 2 days optional work from home/3 days onsite**.As part of Gilead’s global technology and security organization, the **Sr. Director, Business Security, Risk & Compliance (SRC) Lead** plays a critical role in shaping and securing the digital future of the enterprise. **Role Summary** The role collaborates closely with Information Security, Risk & Compliance leaders, IT Business Engagement, Enterprise Security Architecture, Infrastructure Engineering, Application Development teams, and business stakeholders across all regions. It also provides leadership and oversight for a global team of six security professionals responsible for developing, implementing, and supporting Gilead’s information security, risk and compliance capabilities.**Core Responsibilities** Partner with IT Business Engagement teams to understand business priorities, requirements, and technology roadmaps. Ensure digital solutions meet regulatory, risk, and compliance requirements across regions (including EU and APAC). Partner with Security Architecture & Governance and IT Risk & Compliance teams to define effective control requirements and operational implementation. **Capabilities & Requirements** Experience with enterprise identity and access management, federated identity, SSO, and related architectures. Demonstrated ability to define and articulate a security vision and link it to business priorities. Experience serving as a Business Information Security Officer (BISO) or similar security leadership role in a global organization. Strong communication, influence, facilitation, and negotiation skills across technical and nontechnical audiences.**Additional Qualifications** Experience in regulated environments, including SOX, GxP compliant operations.**Education & Experience** 10+ years of experience in IT, enterprise applications, or business technology functions. 4–5+ years of experience in cybersecurity, privacy, or risk management leadership roles. Experience in both established enterprises and highgrowth environments is advantageous. #J-18808-Ljbffr