Cencora is dedicated to creating healthier futures through innovative solutions. The Engineer II - Information Security role involves supporting the information security infrastructure, implementing security policies, and assisting in security assessments and incident response to protect the company’s systems and data.
Supports information security infrastructure to protect the company’s computer systems and networks from cyber-attack and ensures information security compliance to all infrastructure
Assists in the implementation of enterprise-wide security policies, procedures, and standards to meet compliance responsibilities
Provides support to security incidents and assists in forensics investigations
Assists on security initiatives/issues for one or more Information Security Strategy/Cybersecurity functional areas (e.g., Cyber Operations, Incident Response, Threat Intelligence, Threat Hunting, Forensics, Vulnerability Management, Data Analytics)
Assists in security assessments and attestations and works on security initiatives/issues for like identity management, access control, security clearance, etc
Performs manual and automated penetration testing, vulnerability, and other security tests on software applications and assists in secure code reviews, and remediating identified programming flaws
Assists in coordinating with architects and testing teams to ensure servers and network devices conform to security standards and that security devices and controls are working as designed
Gathers and analyzes reporting, metrics, and key performance indicators for executive review
Assists the Lead Engineer in maintaining service-level agreements (SLAs) to ensure that security controls are upheld
Guides, coaches, and mentors Engineers I in information security policies and procedures
Collaborates with the other IT teams to focus on improving cloud and application security measures and integrate new and support existing security applications
Conducts research and analyzes security weaknesses in the current infrastructure and recommend appropriate strategies to strengthen controls
Gathers reporting, metrics and key performance indicators to measure and validate the effectiveness of existing security controls for team review
Assists in the evaluation and recommendation for tools and solutions that provides cyber, data, mobile, and cloud security functions
Supports in managing the computer security program and applying IT security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and information processing
Qualification
Required
Bachelor's Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience
2+ years of directly-related or relevant experience, preferably in information security
Supports information security infrastructure to protect the company's computer systems and networks from cyber-attack and ensures information security compliance to all infrastructure
Assists in the implementation of enterprise-wide security policies, procedures, and standards to meet compliance responsibilities
Provides support to security incidents and assists in forensics investigations
Assists on security initiatives/issues for one or more Information Security Strategy/Cybersecurity functional areas (e.g., Cyber Operations, Incident Response, Threat Intelligence, Threat Hunting, Forensics, Vulnerability Management, Data Analytics)
Assists in security assessments and attestations and works on security initiatives/issues for like identity management, access control, security clearance, etc
Performs manual and automated penetration testing, vulnerability, and other security tests on software applications and assists in secure code reviews, and remediating identified programming flaws
Assists in coordinating with architects and testing teams to ensure servers and network devices conform to security standards and that security devices and controls are working as designed
Gathers and analyzes reporting, metrics, and key performance indicators for executive review
Assists the Lead Engineer in maintaining service-level agreements (SLAs) to ensure that security controls are upheld
Guides, coaches, and mentors Engineers I in information security policies and procedures
Collaborates with the other IT teams to focus on improving cloud and application security measures and integrate new and support existing security applications
Conducts research and analyzes security weaknesses in the current infrastructure and recommend appropriate strategies to strengthen controls
Gathers reporting, metrics and key performance indicators to measure and validate the effectiveness of existing security controls for team review
Assists in the evaluation and recommendation for tools and solutions that provides cyber, data, mobile, and cloud security functions
Supports in managing the computer security program and applying IT security principles, methods, and security products to protect and maintain the availability, integrity, confidentiality, and accountability of information system resources and information processing
Preferred
Azure Security Engineer Certification
Certified Cloud Security Professional (CCSP)
Certification in Information Security Strategy Management (CISM)
Certified Information Systems Security Professional (CISSP)
CompTIA Security + Certification
Systems Security Certified Practitioner (SSCP)
Benefits
Medical, dental, and vision care
Backup dependent care
Adoption assistance
Infertility coverage
Family building support
Behavioral health solutions
Paid parental leave
Paid caregiver leave
Variety of training programs
Professional development resources
Opportunities to participate in mentorship programs
Employee resource groups
Volunteer activities
Cencora is a global healthcare company that advances the development and delivery of pharmaceuticals and healthcare products.
Glassdoor
3.6
Founded in 2023
Conshohocken, Pennsylvania, USA
10001+ employees
http://www.cencora.com
Cencora is a global healthcare company that advances the development and delivery of pharmaceuticals and healthcare products.
