Job Description: Senior Director of Cybersecurity Infrastructure and Endpoint Engineering

Position Overview
We are seeking an experienced Senior Director of Cybersecurity Infrastructure to lead the design implementation and management of enterprise-wide security systems for infrastructure networks and endpoints. This role will focus on building and maintaining scalable secure and resilient security capabilities across the organizations IT and OT environments.

The ideal candidate will have extensive experience in cybersecurity engineering with expertise in securing networks endpoints core infrastructure and cloud environments. This role requires a strategic leader capable of driving innovation collaborating with cross-functional teams and ensuring the integration of security practices into all infrastructure and endpoint operations.

Key Responsibilities

Strategic Leadership

• Develop and oversee the implementation of a comprehensive infrastructure and endpoint security strategy that aligns with business objectives and regulatory requirements.

• Drive the adoption of a design build run and govern model for critical security capabilities ensuring seamless integration with IT and business processes.

Secure Configuration & Hardening Standards

• Define implement and maintain secure baseline configurations for endpoints servers network devices and mobile platforms using CIS benchmarks and STIG guidelines.

• Ensure compliance with secure configuration standards across on-premises and cloud environments.

Endpoint & Mobile Device Protection

• Deploy and manage Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) solutions to detect and mitigate endpoint threats.

• Oversee Mobile Device Management (MDM) and Unified Endpoint Management (UEM) platforms to enforce mobile security policies.

• Implement local firewalls USB control disk encryption and other endpoint protection measures to secure devices and prevent unauthorized access.

Infrastructure & Core Services Security

• Secure core infrastructure services including DNS DHCP Network Access Control (NAC) and wireless access points.

• Manage the onboarding of network-connected devices with centralized policy enforcement to ensure consistent security practices.

• Monitor and secure network infrastructure operations to prevent unauthorized access or vulnerabilities.

Network Security Architecture & Segmentation

• Design and enforce network segmentation strategies for data centers cloud environments user networks and OT zones.

• Implement zoning VLANs and access control lists (ACLs) to ensure granular control and secure communication across network segments.

• Collaborate with IT and OT teams to integrate segmentation strategies into enterprise network architectures.

Firewall ZTNA & Gateway Security Controls

• Architect and manage perimeter and internal firewall rules to protect organizational assets.

• Develop and enforce Zero Trust Network Access (ZTNA) policies for secure remote access.

• Oversee secure email and web filtering controls including DMARC secure web gateways (SWG) URL sandboxing and phishing defenses.

Telemetry & SIEM Integration

• Standardize logging and telemetry collection from infrastructure endpoints and network devices to enable effective monitoring and detection.

• Integrate security data into Security Information and Event Management (SIEM) solutions to support threat detection hunting and incident response.

• Collaborate with the SOC team to enhance threat visibility and streamline response processes.

Cloud and Hybrid Environment Security

• Secure hybrid cloud and multi-cloud infrastructure leveraging tools like Cloud Security Posture Management (CSPM) and cloud-native security solutions.

• Ensure compliance with shared responsibility models for cloud security focusing on securing workloads data and configurations.

• Collaborate with cloud teams to enforce security controls across public private and hybrid cloud environments.

Regulatory Compliance and Governance

• Ensure infrastructure and endpoint security programs comply with regulatory frameworks such as NIST CSF ISO 27001 SOX HIPAA and GDPR.

• Develop and report on key metrics and KPIs to measure program effectiveness and organizational risk posture.

Team Leadership

• Lead mentor and develop a high-performing team of cybersecurity professionals including engineers architects and analysts.

• Manage relationships with third-party vendors contractors and managed service providers to maximize the efficiency and effectiveness of security solutions.

• Lead initiatives to strengthen the organizations cyber resilience across various security disciplines including network security endpoint protection application security identity and access management incident response data protection and compliance.

Key Qualifications

Education and Experience

• Education: Bachelors degree in Information Security Computer Science or a related field (Masters degree preferred).

• Experience: Minimum 1215 years of experience in cybersecurity with at least 5 years in a leadership role overseeing security infrastructure engineering and endpoint security programs.

Certifications

• Relevant certifications such as CISSP CISM CCSP CEH or related certifications are strongly preferred.

Technical Expertise

• Deep expertise in network security endpoint protection cloud security and core infrastructure services.

• Proficiency with tools and platforms such as EDR (e.g. CrowdStrike Qualys) network security tools (e.g. Palo Alto Cisco) and SIEM solutions (e.g. Splunk Sentinel).

• Strong understanding of modern IT architectures including hybrid and multi-cloud environments microservices and software-defined networking (SDN).

• Hands-on experience with security frameworks such as NIST CSF ISO 27001 and CIS Controls.

Leadership and Communication Skills

• Proven ability to lead cross-functional teams and manage complex security programs across large organizations.

• Exceptional communication and presentation skills with the ability to convey technical concepts to non-technical stakeholders.

• Strategic thinker with the ability to balance business needs with risk management.

.

EDUCATIONAL QUALIFICATIONS:
Education:
Masters Degree in Business Administration Computer Science Information Technology or any other related discipline or equivalent related experience.

Preferred Certifications:

Certified Information Systems Auditor (CISA)
Certified Information Systems Security Professional (CISSP)
Certification in Information Security Strategy Management (CISM)
Information Technology Infrastructure Library (ITIL)
Offensive Security Certified Professional (OSCP)
Project Management Professional (PMP) Certification

WORK EXPERIENCE:
12 years of directly-related or relevant experience with 8 years in a managerial capacity preferably in information security.

SKILLS & KNOWLEDGE:
Behavioral Skills:
Coaching and Mentoring
Creativity & Innovation
Decision Making
Leadership Skills
People Management
Planning
Risk-taking

Technical Skills:
IT Risk Management
IT Controls
Cyber Attack Mitigation
Enterprise IT Management
Network Security
Service Level Maintenance
Information Security Strategy Continuity
Threat Modelling
Information Security Strategy Standards (SOX ISO 27001/27002 COBIT ITIL NIST PCI)

Tools Knowledge:
Microsoft Office Suite

Security Tools - SIEM EDR Email Security Gateway SOAR Firewall Anti-virus Firewalls VPN IDS/IPS AV proxies etc.
Security Testing Tools - Open Source and COTS security tools
Threat Intelligence Tools
Vulnerability Testing Tools

What Cencora offers

Benefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements.

Affiliated Companies

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race color religion sex sexual orientation gender identity genetic information national origin age disability veteran status or membership in any other class protected by federal state or local law.

The companys continued success depends on the full and effective utilization of qualified individuals. Therefore harassment is prohibited and all matters related to recruiting training compensation benefits promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment please call 888.692.2272 or email . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned