Sr Dir - Information Security

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

Job Details

POSITION SUMMARY :

Cencora is seeking a technically exceptional and operationally experienced Senior Director of Cyber Incident Response to lead the frontline defense of our enterprise.

This role is built for a leader who strives in the trenches - someone who can architect SIEM pipelines, build a threat-informed detection strategy, and still command a room during a executive incident briefing. You'll oversee global security operations, lead major incident response efforts, and architect the next evolution of our SOC capabilities. This is not a figurehead role - we're looking for someone who can roll up their sleeves and lead by technical example.

Our employee experience is a strategic priority for our company. Our leaders are accountable for leading with purpose, fairness, and equity. They are responsible for building and developing diverse teams, maintaining a safe and inclusive environment, setting clear priorities, and holding self and team accountable for executing with excellence.

PRIMARY DUTIES AND RESPONSIBILITIES :

Serve as the enterprise incident commander for high-severity cyber events. Drive investigations, coordinate response across legal / privacy / IT, and deliver concise executive-level reporting and briefings

Establishes and leads at least one center of excellence within ISO to provide continuous process improvement and standardization

Guide and mentor teams in advanced incident response techniques, threat hunting, malware analysis and detection rule development

Oversee the global security operations center (internal and MSSP), ensure effective coverage, threat visibility, alert fidelity, and automation.

Direct the strategy and optimization of the incident response and SOC tech stack, including SIEM, SOAR and EDR.

Assess risks of all nature, internal and external, and provides intelligence and direction and actionable decision-making, to protect the corporate brand, data and assets

Acts as the trusted advisor for security, risk, compliance and governance matters and supports the enablement of business segment security capabilities via balanced risk decisions

Sets goals / KPIs, creates budget and manages the overall performance of the Information Security Strategy team

Leads, develops and mentors teams of Information Security Strategy and IS IT Risk Management professionals as well as contractors, vendors and services providers

Guides and consults IT executives and business leaders regarding risks to information security and business operations as well as the necessary corporate responsibilities required to mitigate those risks throughout the enterprise

Builds appropriate metrics and KPIs and provides regular reporting on the information security program maturity, risk posture and management, and regulatory compliance

Ensures reports and data are utilized in regulatory reporting are completed in the required timelines and reports are prepared and submitted to appropriate agencies and stakeholders

Follows information security trends within and outside of work with executive leadership to strategize and recommend changes and updates to company

EDUCATIONAL QUALIFICATIONS :

Education :

Master's Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.

Preferred Certifications :

Certified Information Systems Security Professional (CISSP)

Certification in Information Security Strategy Management (CISM)

Offensive Security Certified Professional (OSCP)

GIAC Certified Incident Handler (GCIH)

WORK EXPERIENCE :

12+ years of directly-related or relevant experience with 8+ years in a managerial capacity, preferably in information security.

What Cencora offers

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https : / / www.virtualfairhub.com / cencora

Full time

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Affiliated Companies

Affiliated Companies : AmerisourceBergen Services Corporation