Incident Response Lead IT Cybersecurity Fusion Center

At Gilead were creating a healthier world for all people. For more than 35 years weve tackled diseases such as HIV viral hepatitis COVID19 and cancer working relentlessly to develop therapies that help improve lives and to ensure access to these therapies across the globe. We continue to fight against the worlds biggest health challenges and our mission requires collaboration determination and a relentless drive to make a difference.

Every member of Gileads team plays a critical role in the discovery and development of lifechanging scientific innovations. Our employees are our greatest asset as we work to achieve our bold ambitions and were looking for the next wave of passionate and ambitious people ready to make a direct impact.

We believe every employee deserves a great leader. People Leaders are the cornerstone to the employee experience at Gilead and Kite. As a people leader now or in the future you are the key driver in evolving our culture and creating an environment where every employee feels included developed and empowered to fulfil their aspirations. Join Gilead and help create possible together.

Job Description

POSITION SUMMARY

As a Cyber Security Incident Response Lead you will be at the forefront of our organizations defense against Cyber threats. This handson technical role requires a seasoned Cybersecurity professional with extensive experience in Threat detection & Incident response a strategic mindset and the ability to guide and mentor other response teams. Your core role will be to orchestrate the response to complex cybersecurity incidents ensuring effective mitigation strategies and contributing to the enhancement of our overall cyber resilience. A key responsibility is to continually assess security monitoring effectiveness and to make recommendations to improve Cyber Security Incident Response capabilities. This position reports to the Director of Cyber Fusion Center (Global Cyber Security Operations) and works closely with key stakeholders in incident response roles company wide.

Locations: Raleigh NC or Foster City CA

ESSENTIAL JOB FUNCTIONS

• Extensive knowledge and experience in handling Cyber Security threats and Incident response activities including Detection Triage Investigation Remediation and Recovery from security issues.
• Extensive experience as Security Incident commander leading security investigations while liaising with IT Operations legal and business teams through security incidents
• Extensive experience with designing implementing and optimizing a Security Incident Response process
• Extensive experience with designing and implementing SOC and IR technologies including SIEM EDR UEBA among other capabilities
• Monitor security events to detect threats and analyze situations in context to detect advanced threats.
  • Alerts analysis
  • Investigate Incidents
  • Analyze Malware
• Develop Security Operations Center detection tools rules and intelligence to improve detection & investigation efficiency of the Center.
• Assess new technologies tests them in a lab environment and proposes them for SOC improvement.
• Operate Security Operations Center devices to ensure high availability and security.
• Maintain and operate SOC network systems workstations and other technical components.
• Oncall availability outside business hours.

REQUIRED SKILLS & JOB QUALIFICATIONS

• Minimum 8 years of IT experience with progressive responsibilities and with at least 5 years of Cyber Security experience.
• Security professional with a strong technical background in Cyber Security Windows / Linux Network Security Security Operations Center (SOC) Cloud Security (AWS Azure) MITRE ATT&CK or similar frameworks Threat Analysis IT Operations and Incident response
• Strong verbal and written communication skills with the ability to adapt information delivery based on the target audience.
• Ability to create or review procedures for protection of systems and applications.
• Knowledge of information security principles concepts practices systems software database software and immediate access storage technology to carry out activities relating to security certification and accreditation.
• Ability to provide expert technical advice guidance and recommendations to management and other technical specialists on critical information technology security issues.
• Recommends and coordinates the application of fixes patches & recovery procedures in the event of a security breach.
• Experience with security tools and platforms including SIEM IPS/IDS Endpoint and Server protection Network protection Firewalls etc.
• Extensive experience in Cyber threat and vulnerability analysis and remediation.
• Forensic examination and data preservation.
• Significant experience doing internal and external penetration testing (red / blue / purple team experience)
• Very strong security awareness and knowledge.
• Strong understanding of key infrastructure systems (Active Directory Windows/Linux Databases Cloud systems)
• Ability to multitask and manage multiple topics and demands concurrently.
• Working knowledge of IT processes (i.e. ITIL) including incident problem defect change and release management.
• Prior working experience in a Pharmaceutical company is a plus.
• Performs other duties as assigned.

Preferred Skills:

Proficiency in digital forensics malware analysis and threat hunting.

Experience with threat intelligence platforms and attack frameworks.

Familiarity with Cloud security threat detection and monitoring best practices.

EDUCATION & CERTIFICATION

• High School Degree and Twelve Years Experience OR Associates Degree and Ten Years Experience OR Bachelors Degree and Eight Years Experience OR Masters Degree and Six Years Experience OR PhD
• Information Security Certification (CISSP GSEC GPEN CEH etc. or other related security certification is highly desired.
• Microsoft AWS Linux Unix and Cisco certifications would be an asset

Gilead Core Values:

• Integrity (Doing Whats Right)
• Inclusion (Encouraging Diversity)
• Teamwork (Working Together)
• Excellence (Being Your Best)
• Accountability (Taking Personal Responsibility)

For additional benefits information visit:

Eligible employees may participate in benefit plans subject to the terms and conditions of the applicable plans.

For jobs in the United States:

Gilead Sciences Inc. is committed to providing equal employment opportunities to all employees and applicants for employment and is dedicated to fostering an inclusive work environment comprised of diverse perspectives backgrounds and experiences. Employment decisions regarding recruitment and selection will be made without discrimination based on race color religion national origin sex age sexual orientation physical or mental disabilitygenetic information or characteristic gender identity and expression veteran status or other nonjob related characteristics or other prohibited grounds specified in applicable federal state and local laws. In order to ensure reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973 the Vietnam Era Veterans Readjustment Act of 1974 and Title I of the Americans with Disabilities Act of 1990 applicants who require accommodation in the job application process may contact for assistance.

For more information about equal employment opportunity protections please view theKnow Your Rights poster.

NOTICE: EMPLOYEE POLYGRAPH PROTECTION ACT
YOUR RIGHTS UNDER THE FAMILY AND MEDICAL LEAVE ACT

PAY TRANSPARENCY NONDISCRIMINATION PROVISION

Our environment respects individual differences and recognizes each employee as an integral member of our company. Our workforce reflects these values and celebrates the individuals who make up our growing team.

Gilead provides a work environment free of harassment and prohibited conduct. We promote and support individual differences and diversity of thoughts and opinion.

For Current Gilead Employees and Contractors:

Please apply via the Internal Career Opportunities portal in Workday.