Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!Job DetailsThe Manager - Information Security is responsible for planning, executing, and managing multi-faceted projects related to information security. Managers are focused on developing and driving security strategies, and policies/standards, ensuring the effectiveness of solutions and providing security-focused consultative services to the organization. They provide expertise and assistance to ensure the company’s infrastructure and information assets are protected. They work on security initiatives/issues for Information Security functional area of responsibility. They work directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They also communicate and educate IT organization and the business about Information Security policies and industry standards and provide solutions for enterprise/service security issues and are responsible for driving the Information Security team focused on protecting businesses.PRIMARY DUTIES AND RESPONSIBILITIES:Acts as the Security subject-matter expert that and serves as a point of contact and lead for initiatives that align to Information Security strategy.Identifies critical areas of focus, drives future investment needs, and ensures execution of initiatives, and manages the delivery of and monitoring for activitiesPerforms security and risk analyses to identify cost-effective and essential safeguards, and creates and delivers metrics related to these activitiesSupports the development of security roadmaps for key business and technical areas, balancing technology opportunities and business demand/requirementsAssists in the documentation of information security requirements into propositions and business cases and ensures early visibility of changing business requirements and their impact on information securityMaintains a strong understanding of the business IT strategy, overall security enterprise architecture direction and applies this knowledge to recommendations and security architecturePromotes compliance with all information security policies and principles mandated by the organization, they supporting policy communication, development and adherenceOversees the planning, execution, and management of multi-faceted projects related to Endpoint Detection and Response, Security orchestration automation and response (SOAR), User entity behavior analytics (UEBA), and Next-Generation Security Information and Events Management.Advises on the strategic and tactical direction and consultation on Information security initiatives and reports any process gaps to management and recommends possible solutionsParticipates in goals/KPIs setting, budget creation and performance management of Information Security Strategy teamInterfaces with business and IT leaders communicating security issues and responding to requests for assistance and information and consults with other business and technical staff on potential business impacts of proposed changes to the security environmentWorks with IT and development teams to design secure infrastructure solutions and applications, facilitating the implementation of protective and mitigating controls and directly with the customers, third parties and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual riskAssesses potential items of risk and opportunities of vulnerability in the network and on information technology infrastructure and applications and reports on them with actionable recommendationsMonitors the legal and regulatory environment for development/changes and recommends, manages, and implements required changes to information security policies and proceduresProvides divisional insight to the enterprise cybersecurity organization to make business-informed decisions on enterprise policy and controlsEnsures cybersecurity across multiple departments system-wide and interacts at all levels of staff and management to understand risks, threats, problems and finds security solutionsProvides enterprise-wide leadership to establish and maintain comprehensive information security and data privacy program ensuring compliance and managing organizational risksREQUIREMENTS INCLUDE:Education:Bachelor’s Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience.Preferred Certifications:Certified Information Systems Auditor (CISA)Certified Information Systems Security Professional (CISSP)Certification in Information Security Strategy Management (CISM)Information Technology Infrastructure Library (ITIL)Offensive Security Certified Professional (OSCP)Project Management Professional (PMP) CertificationTS-SCI Security Clearance CertificationWORK EXPERIENCE:five (5) or more years of directly-related or relevant experience with two (2) or more years in a managerial capacity, preferably in information security.SKILLS & KNOWLEDGE:Behavioral Skills:Coaching and MentoringCollaborationConflict ResolutionCritical ThinkingDetail OrientedPeople ManagementPresentation SkillsTechnical Skills:IT Risk ManagementIT ControlsCyber Attack MitigationEnterprise ArchitectureInformation Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)IT Risk ManagementNetwork SecurityInformation Security Strategy ContinuityThreat ModellingTools Knowledge:Microsoft Office SuiteSecurity Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.Security Testing Tools - Open Source and COTS security toolsThreat Intelligence ToolsVulnerability Testing Tools#LI-MD1What Cencora offersWe provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencoraEqual Employment OpportunityCencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call or email . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returnedAffiliated CompaniesAffiliated Companies: AmerisourceBergen Services Corporation