Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job DetailsResposibilities:
Manages a team of individuals and vendors to provide support to application security programs inclusive of remediation strategies and efforts to protect infrastructure and 3rd party application vulnerabilitiesOversees the planning, execution, and management of security engagements related to functional area of responsibility.Develops key critical reports to be presented on vulnerabilities to stakeholders and serves as a subject matter expert (SME) for ISO programsAdvises strategic and tactical direction and consultation on security initiatives and provides support and collaboration to ensure organizational objectives are metDevelops, refines and implements enterprise-wide security policies, procedures, and standards across multiple platform and application environments to meet internal and external compliance responsibilitiesSupports documentation and tracking of policies, procedures, standards and system configurations and recommends and implements changes as necessaryParticipates in goals/KPIs setting, budget creation and performance management of Information Security Strategy teamLeads security team in validating and evidence gathering for escalated security incidents and identifies root cause for application and/or network-related security issues and advises on remediation optionsContributes to the review of internal processes and activities and assists in identifying potential opportunities for improvement and further automationProvides technical/management leadership on assignments and acts as a SME; provides technical and business process responses during training as requiredEnsures technical and business alignment with other team members or departments including information security project design, implementation or monitoring, research and development on new processes and procedures for best practicesCoordinates, organizes and reports on application development, and infrastructure implementation and maintenance of various security initiativesLeads the strategy, design, engineering and implementation of robust security strategies, frameworks, platforms, and solutionsProvides vision and leadership for the organization's overall cybersecurity processes and cultureCarries out the development, review, implementation, and maintenance of the organization's security guiding documentation and manages the services and relationship with research and enterprise security teams to develop joint processes and proceduresHelps the company improve information security and helps design and implement information security programs that can keep pace with the ever-changing security requirementsProvides leadership over corporate business resiliency, which includes business/service continuity planning, business impact management, and disaster recovery measuresLeads the strategy, design, engineering and implementation of robust security strategies, frameworks, platforms, and solutionsLeads a high-performing team for designing, building, testing and implementing security solutions and also assists the overall IT risk & compliance team in maintaining user population and reviewing reports related to accounting activity.
EDUCATIONAL QUALIFICATIONS:
Master’s Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.Preferred Certifications:
Certified Information Systems Auditor (CISA)Certified Information Systems Security Professional (CISSP)Certification in Information Security Strategy Management (CISM)Information Technology Infrastructure Library (ITIL)Offensive Security Certified Professional (OSCP)Project Management Professional (PMP) CertificationWORK EXPERIENCE:
7+ years of directly-related or relevant experience with 3+ years in a managerial capacity, preferably in information security.SKILLS & KNOWLEDGE:
Behavioral Skills:
Coaching and MentoringConflict ResolutionCritical ThinkingMultitaskingPeople ManagementPlanningPresentation SkillsTechnical Skills:
IT Risk ManagementIT ControlsCyber Attack MitigationInformation Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)Enterprise ArchitectureNetwork SecurityService Level MaintenanceThreat ModellingTools Knowledge:
Microsoft Office SuiteSecurity Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.Security Testing Tools - Open Source and COTS security toolsThreat Intelligence ToolsVulnerability Testing ToolsWhat Cencora offersBenefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements.
Full timeAffiliated CompaniesAffiliated Companies: AmerisourceBergen Services CorporationEqual Employment OpportunityCencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned