Director, IT Risk & Controls

Foster City
See job description.
October 05 2021
Other, Other
Position Type
Full Time
Organization Type
Job Type

Director, IT Risk & Controls
United States - California - Foster City

Gilead Sciences, Inc. is a research-based bio-pharmaceutical company that discovers, develops and commercializes innovative medicines in areas of unmet medical need. With each new discovery and investigational drug candidate, we seek to improve the care of patients living with life-threatening diseases around the world. Gileads therapeutic areas of focus include HIV/AIDS, liver diseases, cancer and inflammation, and serious respiratory and cardiovascular conditions.

Making an impact on a global scale
Inclusion is one of the companys five core values. Thats because we know that we are stronger and more innovative at Gilead when we are informed by a diverse set of backgrounds, experiences and points of view. Gilead Sciences is a biopharmaceutical company that discovers, develops and commercializes innovative therapeutics in areas of unmet medical need. The company's mission is to advance the care of patients suffering from life-threatening diseases worldwide.

When you join Gilead, you join our mission to change the world by enabling people to live healthier and more fulfilling lives. Come join a mission-driven bio-pharmaceutical organization that values inclusion and diversity, has a strong portfolio of products, and is constantly #CreatingPossible

Gilead Sciences, Inc. is a biopharmaceutical company that has pursued and achieved breakthroughs in medicine for more than three decades, with the goal of creating a healthier world for all people. The company is committed to pursuing scientific invention to prevent and treat life-threatening diseases, including HIV, viral hepatitis and cancer. Gilead has operations in more than 35 countries worldwide, with headquarters in Foster City, California.

You will be part of a team that is helping millions of people live healthier, more fulfilling lives. We are a close community where every individual matters and everyone has a chance to enhance their skills through ongoing development. Inclusion is one of our core values, which means we are creating and fostering a work environment where our differences are valued, and everyone feels respected and empowered to bring their authentic selves to work. By joining Gilead, you will further our mission to discover, develop and deliver innovative therapeutics for people with life-threatening diseases.

Gilead Sciences is continuing to hire for all open roles. Our interview process may be conducted virtually, and some roles will be asked to temporarily work from home. Over the coming weeks and months, we will be implementing a phased approach to bringing employees back to site to ensure the health and safety of our teams.

The Director, IT Risk & Controls is responsible for leading the IT Risk & Controls area by sharing a point of view around ITGC controls design and audit support with expertise in a broad range of information security management topics.

Specific Responsibilities and Skills
  • Lead efforts to scope and evaluate the design of Internal Controls over Financial reporting (ICFR) specific to IT systems in compliance with the Sarbanes-Oxley Act (SOX) while supporting an efficient and effective process
  • Liaison with the Company's external and internal audit to provide expertise and consultation for a smooth and effective audit
  • Assess the impact of audit findings, provide consultative support to system managers and support teams, and monitor remediation and action plans
  • Coordinate with 3rd party service provider's as it relates to quality assessments of control execution, and the review of changes and assessments of SOX systems
  • Conduct training and awareness of Gilead's IT system key controls framework of policies, procedures, standards and guidelines
  • Work closely with business process owners, SOX PMO and Internal Audit on implementation, execution and compliance with IT system key controls
  • Participate in IT project risk assessment reviews to support development of new and/or modification of existing application
  • Oversee and lead a dynamic team of Gilead professionals and outsourced service providers
  • Support operational controls for new and emerging areas of risk

Essential Duties & Job Function:

Coordinates internal and external audits and ensure IT system owners are trained and aware of IT operating procedures and how these implement SOX control objectives. Report status of audits, open actions items and remediation efforts. Provide auditing and controls expertise to IT to support implementation of controls in new IT systems. Support the general IT Risk & Controls objectives by participating in security, compliance and risk management activities.

  • Problem Solving: Independently evaluates and develops approaches to complex problems. Thinks creatively and applies facilitation skills to achieve resolution.
  • Discretion / Latitude: Works under minimal direction and work products require minimal review.
  • Supervisory Relationships: Leads a centralized functional activity and is encouraged to effectively oversee FTE, temporary workers or consultants. Takes accountability for the achievement of business objectives. Applies project management principles to drive teams to achievement of agreed deadlines.

Basic Qualifications

Associates Degree and Sixteen Years Experience OR Bachelor\'s Degree and Fourteen Years' Experience OR Masters\' Degree and Twelve Years' Experience OR PhD and Twelve Years' Experience

Knowledge, Experience and Skills
  • 12+ years of experience with functional and technical aspects of IT compliance and auditing principles
  • Experience with leading or assisting with the coordination of internal and external audits (e.g., SOX IT or quality system audits)
  • CISA, CISSP, PMP certification strongly desired
  • Knowledge and understanding of auditing and controls and has experience working with IT operating procedures preferably in the pharmaceutical/biotech industry.
  • Experience in information and IT services including knowledge of auditing principles, auditing standards and Sarbanes-Oxley (SOX) requirements.
  • Experience working with IT general computer controls (ITGC).
  • Knowledge of application access and configuration controls and reviews in an Enterprise Resource Planning (ERP) applications environment (e.g., Oracle EBS) is strongly preferred.
  • Project Management skills are required.
  • Strong business and technology acumen; solid grasp of general IT computer and application controls, IT platforms and related services
  • Proven skills/experience in planning, coordinating and implementing information technology policies, procedures and practices in regulated computing environments
  • Knowledge and understanding of general computer controls, IT process management (i.e., ITIL) including incident, problem, change and release management
  • Highly organized, results-oriented and attentive to details
  • Ambitious, proactive, independent and responsive
  • Excellent verbal and written communication, presentation, facilitation and diplomacy skills
  • Ability to build consensus among business process owners, IT system managers, Internal Audit and to influence and coordinate across organization boundaries

Gilead Core Values:
  • Integrity (Doing What's Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)

For jobs in the United States:

As an equal opportunity employer, Gilead Sciences Inc. is committed to a diverse workforce. Employment decisions regarding recruitment and selection will be made without discrimination based on race, color, religion, national origin, gender, age, sexual orientation, physical or mental disability, genetic information or characteristic, gender identity and expression, veteran status, or other non-job related characteristics or other prohibited grounds specified in applicable federal, state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans\' Readjustment Act of 1974, and Title I of the Americans with Disabilities Act of 1990, applicants who require accommodation in the job application process may contact opens new window" target="_blank" href=""> for assistance.

Following extensive monitoring, research, consideration of business implications and advice from internal and external experts, Gilead has made the decision to require all U.S. employees and contractors to receive the COVID-19 vaccines as a condition of employment. Full vaccination is defined as two weeks after both doses of a two-dose vaccine or two weeks since a single-dose vaccine has been administered. Anyone unable to be vaccinated, either because of a sincerely held religious belief or a medical condition or disability that prevents them from being vaccinated, can request a reasonable accommodation.\u200b

For more information about equal employment opportunity protections, please view the EEO is the Law' poster.



Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.

Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.

For Current Gilead Employees and Contractors:

Please log onto your Internal Career Site to apply for this job.

To apply, visit

Copyright 2021 Inc. All rights reserved.

Posted by the FREE value-added recruitment advertising agency


Similar jobs

Similar jobs