Director, Information Security

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

Job Details

Summary :

The Director, Information Security leads large scale projects, and a team of ISO managers and team members to ensure the security of the organization's information assets. They regularly interact with IT leadership team, business leadership team and other cross functional teams. The role also involves assisting in the development of enterprise standards & technology initiatives, and IT security governance processes ensuring compliance with regulations, internal IT standards, policies, and procedures.

The Director, Information Security will work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They also communicate and educate IT and the business about security policies and industry standards and provide solutions for enterprise / business security issues. The role provides exciting opportunity to grow as a leader within the Information Security domain.

Primary Duties & Responsibilities :

Lead the design, implementation and management of appropriate processes and controls which help assure that information created, acquired or maintained by Cencora and its authorized users, is used in accordance with its intended purpose.

Lead the proactive identification of risks and protecting Cencora's information and infrastructure from external / internal threats and implement processes which help manage and reduce the overall risk impact for Cencora

Create visibility and qualification of risks and drive initiatives to help ensure compliance with contractual, statutory and regulatory requirements, regarding information availability, access, security and privacy.

Strategic, operational and financial responsibility for the development, implementation and delivery of appropriate security services and solutions to IT and directly to the business units across Cencora and affiliates globally.

In partnership with Business Unit management team, identify the critical business assets (services, processes, information and systems), assess the potential threats and associated business risks and architect the appropriate and cost-effective security measures to ensure availability and safeguarding of the information.

Guide the Business Unit and IT executives to help prioritize security initiatives and spending based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the corporate strategic plan.

Lead strategic planning for the design and implementation of an Enterprise Information Security Management Systems (ISMS) which includes appropriate policies, procedures, operational considerations, IT change control, and IT risk and compliance management programs.

Directly partner with the enterprise Finance, Legal, Audit and Compliance executives to support Internal and External Audits (SOX, COBIT, IT Controls).

Oversee strategic and tactical security, risk mitigation and regulatory compliance guidance for all IT projects, including the evaluation of enterprise policies, processes, operating procedures and governance controls.

Lead the development, implementation and management of relevant metrics to measure the efficiency and effectiveness of the information security management systems (ISMS), risk management and related compliance programs.

Drive the tracking and resolution of Audit findings and remediation activities and support external and customer security audits

Participates in the development and maintenance of a global risk framework (a single view of the company's risk profiles and tolerance)

Effectively lead, develop and mentor teams of Information Security and IS Risk Management professionals as well as contractors, vendors and services providers.

Qualifications : Education :

Bachelor's degree in Computer Science Engineering, Information Technology, or related field. Master's degree is preferred.

Certifications :

Certification in Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and / or equivalent business experience in a matrix organization required.

Work Experience :

Minimum of 10 years of experience of progressively responsible experience in the design, implementation, and management of Information Security shared services for a global corporation (Fortune 500) with 5+ years in a managerial capacity, preferably in information security.

Skills & Knowledge : Behavioral Skills :

Strong Communication and Presentation Skills

Management and Leadership Skills

Ability and Willingness to take on Challenges

Strong Business Acumen

Ability to take ownership of work

Multitasking Skills

Ability to Handle Complex Tasks

Mentorship Skills

Team Building Skills

Analytical and Problem-Solving Skills

Project Management ability

Ability to Develop and Drive Processes

Root Cause Analysis

Technical Skills :

Project Planning & Prioritization

Resource planning & Management

Escalation Management

Financial Acumen and Budget Management

IT regulations, information security regulations and policies and procedures

Cyber Security, Security Governance and Solutions or Identity and Access Management

Security control frameworks and standards such as ISO 27001, ISO 17799, COBIT, ITIL, NIST and PCI

IT Risk Management

Enterprise Architecture

Network Security

Service Level Maintenance

Information Security Strategy Continuity

Threat Modelling

Microsoft Office Suite

Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS / IPS, AV, proxies, etc.

Security Testing Tools - Open Source and COTS security tools

Threat Intelligence Tools

Vulnerability Testing Tools

What Cencora offers

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https : / / www.virtualfairhub.com / cencora

Full time

Salary Range

$124,000 - 190,850

• This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado / California / Washington / New York / Hawaii / Vermont / Minnesota / Massachusetts / Illinois State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range.

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Affiliated Companies :

Affiliated Companies : AmerisourceBergen Services Corporation