Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Description: Senior Director of Cybersecurity Infrastructure and Endpoint Engineering
Position Overview
We are seeking an experienced Senior Director of Cybersecurity Infrastructure to lead the design, implementation, and management of enterprise-wide security systems for infrastructure, networks, and endpoints. This role will focus on building and maintaining scalable, secure, and resilient security capabilities across the organization’s IT and OT environments.
The ideal candidate will have extensive experience in cybersecurity engineering, with expertise in securing networks, endpoints, core infrastructure, and cloud environments. This role requires a strategic leader capable of driving innovation, collaborating with cross-functional teams, and ensuring the integration of security practices into all infrastructure and endpoint operations.
Key Responsibilities
Strategic Leadership
Develop and oversee the implementation of a comprehensive infrastructure and endpoint security strategy that aligns with business objectives and regulatory requirements.
Drive the adoption of a "design, build, run, and govern" model for critical security capabilities, ensuring seamless integration with IT and business processes.
Secure Configuration & Hardening Standards
Define, implement, and maintain secure baseline configurations for endpoints, servers, network devices, and mobile platforms using CIS benchmarks and STIG guidelines.
Ensure compliance with secure configuration standards across on-premises and cloud environments.
Endpoint & Mobile Device Protection
Deploy and manage Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) solutions to detect and mitigate endpoint threats.
Oversee Mobile Device Management (MDM) and Unified Endpoint Management (UEM) platforms to enforce mobile security policies.
Implement local firewalls, USB control, disk encryption, and other endpoint protection measures to secure devices and prevent unauthorized access.
Infrastructure & Core Services Security
Secure core infrastructure services, including DNS, DHCP, Network Access Control (NAC), and wireless access points.
Manage the onboarding of network-connected devices with centralized policy enforcement to ensure consistent security practices.
Monitor and secure network infrastructure operations to prevent unauthorized access or vulnerabilities.
Network Security Architecture & Segmentation
Design and enforce network segmentation strategies for data centers, cloud environments, user networks, and OT zones.
Implement zoning, VLANs, and access control lists (ACLs) to ensure granular control and secure communication across network segments.
Collaborate with IT and OT teams to integrate segmentation strategies into enterprise network architectures.
Firewall, ZTNA, & Gateway Security Controls
Architect and manage perimeter and internal firewall rules to protect organizational assets.
Develop and enforce Zero Trust Network Access (ZTNA) policies for secure remote access.
Oversee secure email and web filtering controls, including DMARC, secure web gateways (SWG), URL sandboxing, and phishing defenses.
Telemetry & SIEM Integration
Standardize logging and telemetry collection from infrastructure, endpoints, and network devices to enable effective monitoring and detection.
Integrate security data into Security Information and Event Management (SIEM) solutions to support threat detection, hunting, and incident response.
Collaborate with the SOC team to enhance threat visibility and streamline response processes.
Cloud and Hybrid Environment Security
Secure hybrid cloud and multi-cloud infrastructure, leveraging tools like Cloud Security Posture Management (CSPM) and cloud-native security solutions.
Ensure compliance with shared responsibility models for cloud security, focusing on securing workloads, data, and configurations.
Collaborate with cloud teams to enforce security controls across public, private, and hybrid cloud environments.
Regulatory Compliance and Governance
Ensure infrastructure and endpoint security programs comply with regulatory frameworks such as NIST CSF, ISO 27001, SOX, HIPAA, and GDPR.
Develop and report on key metrics and KPIs to measure program effectiveness and organizational risk posture.
Team Leadership
Lead, mentor, and develop a high-performing team of cybersecurity professionals, including engineers, architects, and analysts.
Manage relationships with third-party vendors, contractors, and managed service providers to maximize the efficiency and effectiveness of security solutions.
Lead initiatives to strengthen the organization's cyber resilience across various security disciplines, including network security, endpoint protection, application security, identity and access management, incident response, data protection, and compliance.
·
Key Qualifications
Education and Experience
Education: Bachelor’s degree in Information Security, Computer Science, or a related field (Master’s degree preferred).
Experience: Minimum 12–15 years of experience in cybersecurity, with at least 5 years in a leadership role overseeing security infrastructure, engineering, and endpoint security programs.
Certifications
Relevant certifications such as CISSP, CISM, CCSP, CEH, or related certifications are strongly preferred.
Technical Expertise
Deep expertise in network security, endpoint protection, cloud security, and core infrastructure services.
Proficiency with tools and platforms such as EDR (e.g., CrowdStrike, Qualys), network security tools (e.g., Palo Alto, Cisco), and SIEM solutions (e.g., Splunk, Sentinel).
Strong understanding of modern IT architectures, including hybrid and multi-cloud environments, microservices, and software-defined networking (SDN).
Hands-on experience with security frameworks such as NIST CSF, ISO 27001, and CIS Controls.
Leadership and Communication Skills
Proven ability to lead cross-functional teams and manage complex security programs across large organizations.
Exceptional communication and presentation skills, with the ability to convey technical concepts to non-technical stakeholders.
Strategic thinker with the ability to balance business needs with risk management.
.
EDUCATIONAL QUALIFICATIONS:
Education:
Master’s Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.
Preferred Certifications:
• Certified Information Systems Auditor (CISA)
• Certified Information Systems Security Professional (CISSP)
• Certification in Information Security Strategy Management (CISM)
• Information Technology Infrastructure Library (ITIL)
• Offensive Security Certified Professional (OSCP)
• Project Management Professional (PMP) Certification
WORK EXPERIENCE:
• 12+ years of directly-related or relevant experience with 8+ years in a managerial capacity, preferably in information security.
SKILLS & KNOWLEDGE:
Behavioral Skills:
• Coaching and Mentoring
• Creativity & Innovation
• Decision Making
• Leadership Skills
• People Management
• Planning
• Risk-taking
Technical Skills:
• IT Risk Management
• IT Controls
• Cyber Attack Mitigation
• Enterprise IT Management
• Network Security
• Service Level Maintenance
• Information Security Strategy Continuity
• Threat Modelling
• Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)
Tools Knowledge:
• Microsoft Office Suite
• Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.
• Security Testing Tools - Open Source and COTS security tools
• Threat Intelligence Tools
• Vulnerability Testing Tools
Benefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements.
Full timeCencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned