Summary:

We are seeking a highly skilled and experienced Director of Information Security Customer Trust & Business Enablement to lead critical functions within our Information Security program. This role will be responsible for building and maintaining trust with customers by managing customer audit responses implementing and overseeing a customer trust center and driving initiatives that enable secure business operations. The ideal candidate will also oversee activities related to governance risk and compliance (GRC) including cyber insurance ESG (Environmental Social and Governance) matters and collaboration with cross-functional teams such as PMO (Project Management Office) and IT Business Management.

As a trusted leader the Director will develop and execute strategic roadmaps ensure alignment with business objectives and facilitate operational excellence through the creation and oversight of standard operating procedures (SOPs). This position reports to the VP of Information Security and will work closely with internal stakeholders customers and external auditors.

Primary Duties & Responsibilities:

Customer Trust & Business Enablement

• Lead and manage theCustomer Audit Response Process ensuring timely accurate and transparent communication of the organizations security posture to customers.

• Develop implement and manage theCustomer Trust Center serving as a centralized resource for customer security communications FAQs certifications and other trust-building materials.

• Overseecustomer contract reviews specifically addressing information security and privacy clauses to ensure compliance with organizational policies and regulatory requirements.

• Facilitate the creation and delivery ofcustomer security reports including SOC 2 ISO 27001 and other relevant certifications or attestation documents.

• Act as the primary liaison between customers and the information security team to address customer concerns and inquiries related to cybersecurity.

Governance Risk and Compliance (GRC)

• Develop and maintainSOPs (Standard Operating Procedures)for the team ensuring consistent and efficient execution of GRC-related processes.

• Create and manageCyber GRC Roadmaps outlining strategic priorities milestones and deliverables for the GRC organization.

• Provide support forcyber insuranceprocesses including risk assessments policy renewals and coordination with internal and external stakeholders.

• Support the organizationsESG initiativesby addressing cybersecurity-related matters such as data privacy security metrics and compliance with ESG standards.

Cross-Functional Collaboration

• Collaborate with thePMO (Project Management Office)andIT Business Management Teamsto facilitate the development and tracking of project plans related to the GRC organization.

• Serve as a key interface between Information Security and other business units to ensure alignment of security compliance and business objectives.

• Drive cross-departmental initiatives and projects that enable business growth while maintaining a strong cybersecurity posture.

Strategic Leadership

• Provide visionary leadership to the Customer Trust and Business Enablement team fostering a culture of collaboration innovation and continuous improvement.

• Develop metrics and KPIs to track the performance and effectiveness of customer trust and GRC initiatives.

• Stay informed on industry trends emerging threats and regulatory changes to ensure the organization remains proactive and compliant.

• Act as a trusted advisor to senior leadership providing insights and recommendations regarding customer trust GRC and business enablement strategies.

Qualifications:

Education and Experience:

• Bachelors degree in Information Security Cybersecurity Computer Science Business Administration or a related field (Masters degree preferred).

• 8 years of experience in Information Security Governance Risk and Compliance (GRC) or a related field.

• 5 years of leadership experience managing teams and driving cross-functional initiatives.

Skills and Competencies

• Deep understanding of information security frameworks and standards (e.g. NIST CSF ISO 27001 SOC 2).

• Strong knowledge of GRC principles customer audit response and security compliance requirements.

• Experience withcustomer contract reviewsrelated to cybersecurity and privacy clauses.

• Demonstrated ability to develop and execute strategic roadmaps and operational plans.

• Familiarity withcyber insuranceprocesses and ESG reporting for cybersecurity matters.

• Exceptional project management skills with experience interfacing with PMOs and IT business management teams.

• Excellent communication and interpersonal skills with a proven ability to build trust with customers and internal stakeholders.

• Strong problem-solving and decision-making skills with the ability to manage competing priorities in a fast-paced environment.

Certifications (Preferred):

• Certified Information Systems Security Professional (CISSP)

• Certified Information Security Manager (CISM)

• Certified Information Systems Auditor (CISA)

• ISO 27001 Lead Auditor or Implementer

• Project Management Professional (PMP)

Key Competencies:

• Customer Focus:Demonstrates a deep commitment to building and maintaining customer trust through transparency and responsiveness.

• Leadership:Inspires and motivates teams to achieve shared goals while fostering a culture of accountability and collaboration.

• Strategic Thinking:Balances long-term vision with tactical execution to achieve business and security objectives.

• Collaboration:Works effectively across teams and departments to drive alignment and achieve organizational goals.

• Continuous Improvement:Continuously seeks opportunities to optimize processes reduce risk and enhance the customer experience.

What Cencora offers

We provide compensation benefits and resources that enable a highly inclusive culture and support our team members ability to live with purpose every addition to traditional offerings like medical dental and vision care we also provide a comprehensive suite of benefits that focus on the physical emotional financial and social aspects of wellness. This encompasses support for working families which may include backup dependent care adoption assistance infertility coverage family building support behavioral health solutions paid parental leave and paid caregiver leave. To encourage your personal growth we also offer a variety of training programs professional development resources and opportunities to participate in mentorship programs employee resource groups volunteer activities and much more. For details visit time