Sr. Manager, IT Risk and Compliance - Foster City, CA

Responsibilities

• Lead and maintain a continuous DOJ audit readiness program aligned with regulatory and internal policy requirements
• Manage the DOJ Compliance Portal, ensuring accurate, complete, and timely tracking of controls and evidence
• Monitor regulatory changes and translate DOJ requirements into practical controls and processes
• Partner with control owners and system teams to ensure controls are properly designed and operating effectively
• Perform control monitoring, testing, and gap assessments to identify risks and areas for improvement
• Drive issue tracking and remediation, ensuring timely resolution of deficiencies
• Provide clear reporting and dashboards on compliance status, risks, and remediation progress
• Collaborate cross-functionally to ensure consistent execution of compliance and governance practices
• Identify opportunities to improve processes, automation, and efficiency across compliance activities
• Coordinate and manage 3rd party service providers as needed to support projects and more
• Assist with research and special projects as needed

Requirements

• Bachelor's Degree and Eight Years' Experience
• OR
• Masters' Degree and Six Years' Experience
• 7+ years of experience in GRC, IT security, compliance, or audit readiness
• Experience working in regulated environments (e.g., healthcare, life sciences, or data security)
• Familiarity with regulatory frameworks and control-based compliance programs
• Experience implementing or monitoring controls and managing audit readiness activities
• Experience with GRC tools or compliance management platforms
• Strong understanding of control design, testing, and monitoring
• Familiarity with AI governance, Responsible AI, or emerging technology risk and compliance considerations
• Ability to work cross-functionally and influence stakeholders
• Strong analytical skills and attention to detail
• Excellent communication and stakeholder engagement skills
• People Leader Accountabilities :
• -Create Inclusion - knowing the business value of diverse teams, modeling inclusion, and embedding the value of diversity in the way they manage their teams.
• -Develop Talent - understand the skills, experience, aspirations and potential of their employees and coach them on current performance and future potential. They ensure employees are receiving the feedback and insight needed to grow, develop and realize their purpose.
• -Empower Teams - connect the team to the organization by aligning goals, purpose, and organizational objectives, and holding them to account. They provide the support needed to remove barriers and connect their team to the broader ecosystem.

Benefits

Additional Information

At Gilead, we're creating a healthier world for all people. For more than 35 years, we've tackled diseases such as HIV, viral hepatitis, COVID-19 and cancer - working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the world's biggest health challenges, and our mission requires collaboration, determination and a relentless drive to make a difference. Every member of Gilead's team plays a critical role in the discovery and development of life-changing scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions, and we're looking for the next wave of passionate and ambitious people ready to make a direct impact. We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future, you are the key driver in evolving our culture and creating an environment where every employee feels included, developed and empowered to fulfil their aspirations. Join Gilead and help create possible, together. Job Description As a Sr. Manager, IT Risk and Compliance - DOJ Data Security Program , at Gilead you will ... Th e Sr. Manager, DOJ Data Security Program is part of Gilead's Security Risk & Compliance (SRC) Governance team and leads efforts to ensure ongoing compliance with Department of Justice (DOJ) Data Security Program (DSP) requirements. This role partners across IT, Security, Legal, Privacy, Compliance, and business teams to ensure controls are effective, risks are managed, and the organization maintains a continuous state of audit readiness. The position combines regulatory knowledge, control oversight, and cross-functional collaboration to drive a proactive compliance program. The role also owns the DOJ Compliance Portal, enabling real-time visibility into compliance status, control performance, and audit evidence.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at Gilead Sciences? Share your experience