This Sr. Director - Network Security Architecture and Engineering is responsible for building strong partnerships with business units other corporate support functions and the user community to protect the corporate brand data and assets and is responsible for the design implementation operation and maintenance of an information security framework processes and systems that protect the business services information and systems against unauthorized use disclosure modification damage and loss. Senior Directors are the leaders of Business Information Security Strategy and deliver security and compliance services for an assigned business segment while also leading an ISO center of excellence. They implement processes and controls identify risks protect information and infrastructure and lead at least one ISO center of excellence including assessments privacy services data grooming processes and strategic operational and financial responsibility for the development implementation and delivery of appropriate security services and solutions. They establish a vision and strategy lead planning and execution of security architecture application security data security and infrastructure security and ensure effective information security practices and awareness organization-wide.

Responsibilities:

• Leads the implementation and operation of the information security governance model for a major division and establishes and maintains relationships with key business unit leaders and senior staff to identify information security policies and key business assets along with associated threats standards and procedures and architects the appropriate and cost-effective security measures into the model

• Assess risks of all nature internal and external and provides intelligence and direction and actionable decision-making to protect the corporate brand data and assets

• Acts as the trusted advisor for security risk compliance and governance matters and supports the enablement of business segment security capabilities via balanced risk decisions

• Sets goals/KPIs creates budget and manages the overall performance of the Information Security Strategy team

• Establishes a vision and strategy leads planning and execution of security architecture application security could security data security and infrastructure

• Manages security architecture cyber resiliency and risk and compliance resources with business objectives in order to ensure security is applied appropriately and prioritized based on risk

• Delivers security services (architecture risk/compliance/DR/etc.) for numerous business and IT-lead projects running in parallel

• Leads develops and mentors teams of Information Security Strategy and IS IT Risk Management professionals as well as contractors vendors and services providers

• Guides and consults IT executives and business leaders regarding risks to information security and business operations as well as the necessary corporate responsibilities required to mitigate those risks throughout the enterprise

• Builds appropriate metrics and KPIs and provides regular reporting on the information security program maturity risk posture and management and regulatory compliance

• Works closely with the VP of Information Security Strategy to define a quantitative framework for assessing risks and providing balanced guidance to IT and business teams curity

• Owns strategy and vision for IT enterprise security application security vulnerability management and incident management including owning and maintaining all security policies and procedures for a growth stage biotechnology company

• Oversees and administers the cyber security policy works in conjunction with the SOC team to identify security incidents and report incidents to leadership and human resources

• Ensures reports and data are utilized in regulatory reporting are completed in the required timelines and reports are prepared and submitted to appropriate agencies and stakeholders

• Follows information security trends within and outside of work with executive leadership to strategize and recommend changes and updates to company

Education Requirements:

• Masters Degree in Business Administration Computer Science Information Technology or any other related discipline or equivalent related experience.

Preferred Certifications:

• Certified Information Systems Auditor (CISA)

• Certified Information Systems Security Professional (CISSP)

• Certification in Information Security Strategy Management (CISM)

• Information Technology Infrastructure Library (ITIL)

• Offensive Security Certified Professional (OSCP)

• Project Management Professional (PMP) Certification

Experience Requirements:

• 12 years of directly-related or relevant experience with 8 years in a managerial capacity preferably in information security.

Behavioral Skills:

• Coaching and Mentoring

• Creativity & Innovation

• Decision Making

• Leadership Skills

• People Management

• Planning

• Risk-taking

Technical Skills:

• IT Risk Management

• IT Controls

• Cyber Attack Mitigation

• Enterprise IT Management

• Network Security

• Service Level Maintenance

• Information Security Strategy Continuity

• Threat Modelling

• Information Security Strategy Standards (SOX ISO 27001/27002 COBIT ITIL NIST PCI)

Tools Knowledge:

• Microsoft Office Suite

• Security Tools - SIEM EDR Email Security Gateway SOAR Firewall Anti-virus Firewalls VPN IDS/IPS AV proxies etc.

• Security Testing Tools - Open Source and COTS security tools

• Threat Intelligence Tools

• Vulnerability Testing Tools

What Cencora offers

We provide compensation benefits and resources that enable a highly inclusive culture and support our team members ability to live with purpose every addition to traditional offerings like medical dental and vision care we also provide a comprehensive suite of benefits that focus on the physical emotional financial and social aspects of wellness. This encompasses support for working families which may include backup dependent care adoption assistance infertility coverage family building support behavioral health solutions paid parental leave and paid caregiver leave. To encourage your personal growth we also offer a variety of training programs professional development resources and opportunities to participate in mentorship programs employee resource groups volunteer activities and much more. For details visit time