Lead Analyst - Information Security

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

Job Details

The Senior IAM Specialist, Information Security will deliver and manage a large and complex Identity and Governance Access Management initiatives across the business with the goals of improving efficiency, increasing security posture, and supporting aggressive growth. The Senior IAM Specialist, Information Security will be expected to work with the business to translate IAM Governance functional requirements into technical designs within SailPoint IIQ and other IGA technologies.

Primary Duties And Responsibilities

• Ensure Identity and Access Management Services follows appropriate policies, procedures, operational considerations, IT change control, and IT risk and compliance management programs These efforts include (but are not limited to): Information Security Governance processes, Policies & Procedures, Audits, Metrics, and reporting in direct alignment with contractual, regulatory and compliance requirements.
• Drive the design, implementation and management of an Identity and Access Management Services which includes Identity Life Cycle Management, Access Management (SSO, federation, multi-factor), Role and Rights Management, Entitlement Review and Attestation (Audit & Assurance) and Identity & Access Analytics
• Establish standards, driving designs and implementation of appropriate identity and access management processes and controls which help improve operations, lower risk and meet audit and compliance requirements.
• Understand a variety of IAM-related product suites and tools in order to make critical operational and strategic decisions. Example products include: SailPoint IIQ, SailPoint Predictive Identity, SailPoint IdentityNow, SAP Customer Data Cloud (Gigya), Oracle OIM, Oracle OAM, Oracle OUD, Ping Identity, Quest Change Auditor, ADFS, Active Directory, PowerShell scripts, Avatier, etc.
• Directly partner with the enterprise Finance, Legal, Audit and Compliance executives to support Internal and External Audits relating to IAM (SOX, COBIT, IT Controls)
• Lead the development and implementation of prudent enterprise security standards, guidelines and procedures to protect the integrity, availability and privacy of all corporate information assets
• Working with ISO Risk Organization, support the Business Unit and IT executives through the process of prioritizing security initiatives and spending based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the corporate strategic plan.
• Support Business Unit and IT executives through the process of prioritizing security initiatives and spending based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the corporate strategic plan
• Manage, develop and mentor teams of Identity and Access Management professionals as well as contractors, vendors and services providers
• Support strategic and tactical security, risk mitigation and regulatory compliance guidance for all IT projects, including the evaluation of enterprise policies, processes, operating procedures and governance controls
• In alignment with the Company's growth and direction, assists in managing the development of budgets, controls and measurements to monitor progress
• Make recommendations for succession planning
• Performs related duties as assigned
  
  

What Your Background Should Look Like

EXPERIENCE AND EDUCATIONAL REQUIREMENTS:

• Bachelor’s Degree in Information Technology, Information Security and Assurance, Computer Science, Cyber Security, Business Analytics or other related field or equivalent work experience.
• Typically requires 7-10 years of combined IT and security work experience with a broad range of exposure to Identity and Access Management functions and over 5 years’ experience designing and deploying Identity and Access Management solutions at the enterprise level.
• Experience leading technical teams in a large and complex environment to deliver related capabilities and services.
• Demonstrated successful implementation of security control frameworks and standards such as ISO 27001, ISO 17799, COBIT, ITIL, NIST and PCI.
• Certification in Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and/or equivalent business experience in a matrix Organization required.
  
  

Minimum Skills, Knowledge And Ability Requirements

• Demonstrated ability and willingness to collaborate with others to insure consistent and high-quality results
• High level of personal integrity with the ability to professionally handle highly sensitive and confidential situations with Executives, Customers, and 3rd parties.
• Ability to easily defuse critical situations and manage escalations appropriately.
• Ability to communicate effectively both orally and in writing; ability to communicate with customers, associates, and management in a cross functional matrix organization; solid teamwork and interpersonal skills
• Ability to establish solid relationships with vendors in support of initiatives; ability to negotiate and manage outside vendors against deliverables.
• Solid project management skills including the ability to effectively deploy resources and manage multiple projects of various diverse scope in a matrix and cross-functional environment
• Solid knowledge of information security principles and practices
• Working knowledge of network solutions and systems
• Excellent track record communicating, managing complex projects and influencing others, in a diversified and international matrix organization. Adept at proposing, implementing, and managing change while prepared to question the “Status Quo”
• Ability to deal with ambiguity in a very dynamic and high speed and complex business environment.
  
  

Education

EDUCATIONAL QUALIFICATIONS:

• Bachelor’s Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience.
  
  

Preferred Certifications

• Certified Cloud Security Professional (CCSP)
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security + Certification
• Systems Security Certified Practitioner (SSCP)
• TS-SCI Security Clearance Certification
  
  

Work Experience

• 6+ years of directly-related or relevant experience, preferably in information security.
  
  

Skills & Knowledge

Behavioral Skills:

• Conflict Resolution
• Creativity & Innovation
• Decision Making
• Planning
• Presentation Skills
• Risk-taking
  
  

Technical Skills

• Advanced Encryption
• Application Architecture
• Cybersecurity
• Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)
• IT Risk Management
• Network Solutions and Systems
• Programming and Development
• Root Cause Analysis
• Software Development Life Cycle (SDLC)
• Threat Modelling
  
  

Tools Knowledge

• Microsoft Office Suite
• Programming and Development Languages - JavaScript, HTML/CSS, Python, SQL
• Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.
  
  

What Cencora offers

Benefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements.

Full time

Affiliated Companies

Affiliated Companies: AmerisourceBergen Services Corporation

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email [email protected]. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned