Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Summary:
The Senior Director of Cyber Defense Architecture & Engineering leads the strategy, design, engineering, and continuous improvement of enterprise detection, response, and threat mitigation capabilities across the enterprise. This role is accountable for building or integrating resilient, intelligence-driven, automated cyber defense platforms spanning endpoint, network, cloud, identity, data, and SaaS environments. This role is responsible for building strong partnerships with technology teams, other corporate support functions, and other Information Security organizations to protect the corporate brand, data, and assets and is responsible for the design, implementation, operation, and maintenance of an information security framework, processes, and systems, that protect the business, services, information and systems against unauthorized use, disclosure, modification, damage, and loss.
The position partners closely with the CISO, Cyber Defense Sr. Leadership, other Information Security Sr. Leaders, and other Technology Leadership teams to establish a vision and strategy required to ensure scalable, measurable, and continuously improving defense capabilities across the applicable security domain in collaboration with other information security domain leaders and partner organizations.
Our employee experience is a strategic priority for our company. Our leaders are accountable for leading with purpose, fairness, and equity. They are responsible for building and developing diverse teams, maintaining a safe and inclusive environment, setting clear priorities, and holding self and team accountable for executing with excellence.
Primary Responsibilities:

• Define and execute the enterprise cyber defense architecture strategy aligned to threat landscape and risk appetite in collaboration with Cyber Defense senior leadership.
• Develop layered defense models across endpoint, network, cloud, identity, and SaaS.
• Establish and document detection engineering standards and reference architectures.
• Present defense posture maturity, risk trends, and roadmap to executive leadership.
• Establish the enterprise detection engineering program and lead evaluation of new tools and technologies to support the Cyber Defense ecosystem.
• Define logging standards and telemetry requirements across platforms.
• Collaborate & partner with key stakeholder to oversee use case lifecycle management (creation, tuning, retirement).
• Standardize MITRE ATT&CK mapping across detections.
• Reduce false positives while increasing true positive detection rates in collaboration with Cyber Defense teams.

Oversee or drive a collaborative approach to architecture and engineering of:

• SIEM platforms
• SOAR playbooks
• EDR/XDR solutions
• NDR solutions
• Email security and anti-phishing platforms
• Deception technologies
• Threat intelligence platforms
• Security data lakes and analytics platforms

Integrate defense controls across:

• Public cloud environments (AWS, Azure, GCP)
• Hybrid data centers
• SaaS platforms
• Enterprise networks, endpoints and mobile
• OT/IoT (in partnership with OT sr. cybersecurity leadership)

Additional Responsibilities:

• Drive automation, AI/ML integration, and policy-as-code for response workflows in collaboration with Cloud Security and other senior security leaders.
• Enable automated containment and remediation capabilities.
• Partner with Incident Response and Cyber Counter Adversary leadership for operational efficiency and maturity uplifts.
• Support purple team exercises to validate detection and response effectiveness.
• Integrate strategic, tactical, and operational threat intelligence into engineering roadmap.
• Translate threat actor activity into detection content and control enhancements.
• Support M&A security integrations and divestiture disentanglement.
• Ensure compliance with global regulatory regimes (e.g., HIPAA, GDPR, SOX, FDA/GxP where applicable).
• Establish KPIs, OKRs, and performance dashboards.
• Establish control validation framework.
• Lead breach simulation and continuous control monitoring as needed to support Cyber Defense senior leaders
• Report measurable defense maturity to executive leadership and other senior leaders.
• Lead global team of detection engineers, platform engineers, and automation specialists.
• Establish engineering career paths and succession planning.
• Enterprise financial management and planning experience.
• Follows information security trends within and outside of work with executive leadership to strategize and recommend changes and updates to company.

Qualifications:
Education:

• Master's Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.

Preferred Certifications:

• Certified Cloud Security Professional (CCSP)
• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Enterprise Defender (GCED)
• GIAC Certified Incident Handler (GCIH)
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Auditor (CISA)
• Information Technology Infrastructure Library (ITIL)
• Project Management Professional (PMP) Certification

Work Experience:

• 12+ years of directly-related or relevant experience with 8+ years in a managerial capacity, preferably in information security.

Behavioral Skills:

• Coaching and Mentoring
• Creativity & Innovation
• Decision Making
• Leadership Skills
• People Management
• Planning
• Risk-taking

Technical Skills:

• IT Risk Management
• IT Controls
• Cyber Attack Mitigation
• Enterprise IT Management
• Network Security
• Service Level Maintenance
• Information Security Strategy Continuity
• Threat Modelling
• Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)

Tools Knowledge:

• Microsoft Office Suite
• Security Tools - CSPM, CWPP, CDR, CNAPP, SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.
• Security Testing Tools - Open Source and COTS security tools
• Threat Intelligence Tools
• Vulnerability Testing Tools

What Cencora offers
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora
Full time
Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned
Affiliated Companies
Affiliated Companies: AmerisourceBergen Services Corporation