Senior Director - Cyber Defense Engineering

• Define and execute the enterprise cyber defense architecture strategy aligned to threat landscape and risk appetite in collaboration with Cyber Defense senior leadership.
• Develop layered defense models across endpoint network cloud identity and SaaS.
• Establish and document detection engineering standards and reference architectures.
• Present defense posture maturity risk trends and roadmap to executive leadership.
• Establish the enterprise detection engineering program and lead evaluation of new tools and technologies to support the Cyber Defense ecosystem.
• Define logging standards and telemetry requirements across platforms.
• Collaborate & partner with key stakeholder to oversee use case lifecycle management (creation tuning retirement).
• Standardize MITRE ATT&CK mapping across detections.
• Reduce false positives while increasing true positive detection rates in collaboration with Cyber Defense teams.

• SIEM platforms
• SOAR playbooks
• EDR/XDR solutions
• NDR solutions
• Email security and anti-phishing platforms
• Deception technologies
• Threat intelligence platforms
• Security data lakes and analytics platforms

• Public cloud environments (AWS Azure GCP)
• Hybrid data centers
• SaaS platforms
• Enterprise networks endpoints and mobile
• OT/IoT (in partnership with OT sr. cybersecurity leadership)

• Drive automation AI/ML integration and policy-as-code for response workflows in collaboration with Cloud Security and other senior security leaders.
• Enable automated containment and remediation capabilities.
• Partner with Incident Response and Cyber Counter Adversary leadership for operational efficiency and maturity uplifts.
• Support purple team exercises to validate detection and response effectiveness.
• Integrate strategic tactical and operational threat intelligence into engineering roadmap.
• Translate threat actor activity into detection content and control enhancements.
• Support M&A security integrations and divestiture disentanglement.
• Ensure compliance with global regulatory regimes (e.g. HIPAA GDPR SOX FDA/GxP where applicable).
• Establish KPIs OKRs and performance dashboards.
• Establish control validation framework.
• Lead breach simulation and continuous control monitoring as needed to support Cyber Defense senior leaders
• Report measurable defense maturity to executive leadership and other senior leaders.
• Lead global team of detection engineers platform engineers and automation specialists.
• Establish engineering career paths and succession planning.
• Enterprise financial management and planning experience.
• Follows information security trends within and outside of work with executive leadership to strategize and recommend changes and updates to company.

• Master's Degree in Business Administration Computer Science Information Technology or any other related discipline or equivalent related experience.

• Certified Cloud Security Professional (CCSP)
• Certified Information Systems Security Professional (CISSP)
• Offensive Security Certified Professional (OSCP)
• GIAC Certified Intrusion Analyst (GCIA)
• GIAC Certified Enterprise Defender (GCED)
• GIAC Certified Incident Handler (GCIH)
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Auditor (CISA)
• Information Technology Infrastructure Library (ITIL)
• Project Management Professional (PMP) Certification

• 12+ years of directly-related or relevant experience with 8+ years in a managerial capacity preferably in information security.

• Coaching and Mentoring
• Creativity & Innovation
• Decision Making
• Leadership Skills
• People Management
• Planning
• Risk-taking

• IT Risk Management
• IT Controls
• Cyber Attack Mitigation
• Enterprise IT Management
• Network Security
• Service Level Maintenance
• Information Security Strategy Continuity
• Threat Modelling
• Information Security Strategy Standards (SOX ISO 27001/27002 COBIT ITIL NIST PCI)

• Microsoft Office Suite
• Security Tools - CSPM CWPP CDR CNAPP SIEM EDR Email Security Gateway SOAR Firewall Anti-virus Firewalls VPN IDS/IPS AV proxies etc.
• Security Testing Tools - Open Source and COTS security tools
• Threat Intelligence Tools
• Vulnerability Testing Tools

What We Do

Cencora is a leading pharmaceutical solutions organization centered on improving the lives of people and animals everywhere. With 46000+ global team members we have the opportunity to make a positive impact on healthcare in communities everywhere. Our team members are empowered to activate their careers through a collective of tools and resources designed to support individual career interests and aspirations. We value our listening culture that actions real outcomes and our team members appreciate and recognize one another for contributions that are making a meaningful global impact. No matter what your role is here the work we do together has meaning. When you join our team you become a crucial part of a greater purpose. We’re committed to supporting you personally and professionally so we can achieve more together at the center of health.Protect yourself from job scams: Recruitment scams are on the rise. To protect yourself we urge you to be vigilant and follow these guidelines > https://careers.cencora.com/us/en/job-scams

Gallery