Manager – Privileged Access Management (PAM) / IAM

POSITION SUMMARY:

The Manager, Information Security will deliver and manage large and complex Identity and Access Management initiatives across the business with the goals of improving efficiency, increasing security posture, and supporting aggressive growth. The Manager, Information Security will be expected to work in the Privileged Access Management space.

PRIMARY DUTIES AND RESPONSIBILITIES:

• Establish standards, driving designs and implementation of appropriate identity and access management processes and controls which help improve operations and lower risk.
• Drive the design, implementation and management of Privileged Access Management Services which includes management of privileged accounts, secure access to Cencora resources (on premise and in the cloud), secure management of credentials, session management, zero standing privilege model, just-in-time privilege access and Identity & Access Analytics.
• Understand a variety of IAM-related product suites and tools to make critical operational and strategic decisions. Example products include: BeyondTrust Password Safe, BeyondTrust Endpoint Privilege Management (EPM), BeyondTrust Privileged Remote Access, SSH Key Management, MFA, SIEM, Azure Entra, Active Directory, Linux, PowerShell scripts, etc.
• Directly partner with the enterprise Finance, Legal, Audit and Compliance executives to support Internal and External Audits relating to IAM (SOX, COBIT, IT Controls)
• Lead the development and implementation of prudent enterprise security standards, guidelines and procedures to protect the integrity, availability and privacy of all corporate information assets
• Working with ISO Risk Organization, support the Business Unit and IT executives through the process of prioritizing security initiatives and spending based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the corporate strategic plan.
• Ensures Identity and Access Management Services follows appropriate policies, procedures, operational considerations, IT change control, and IT risk and compliance management programs These efforts include (but are not limited to): Information Security Governance processes, Policies & Procedures, Audits, Metrics, and reporting in direct alignment with contractual, regulatory and compliance requirements.
• Support Business Unit and IT executives through the process of prioritizing security initiatives and spending based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the corporate strategic plan
• Manage, develop and mentor teams of Identity and Access Management professionals as well as contractors, vendors and services providers
• Support strategic and tactical security, risk mitigation and regulatory compliance guidance for all IT projects, including the evaluation of enterprise policies, processes, operating procedures and governance controls
• In alignment with the Company's growth and direction, assists in managing the development of budgets, controls and measurements to monitor progress
• Makes recommendations for succession planning
• Performs related duties as assigned

MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:

• Demonstrated ability and willingness to collaborate with others to insure consistent and high-quality results
• High level of personal integrity with the ability to professionally handle highly sensitive and confidential situations with Executives, Customers, and 3rd parties.
• Ability to easily defuse critical situations and manage escalations appropriately.
• Ability to communicate effectively both orally and in writing; ability to communicate with customers, associates, and management in a cross functional matrix organization; solid teamwork and interpersonal skills
• Ability to establish solid relationships with vendors in support of initiatives; ability to negotiate and manage outside vendors against deliverables.
• Solid project management skills including the ability to effectively deploy resources and manage multiple projects of various diverse scope in a matrix and cross-functional environment
• Solid knowledge of information security principles and practices
• Working knowledge of network solutions and systems
• Excellent track record communicating, managing complex projects and influencing others, in a diversified and international matrix organization. Adept at proposing, implementing, and managing change while prepared to question the “Status Quo”
• Ability to deal with ambiguity in a very dynamic and high speed and complex business environment.

• EXPERIENCE AND EDUCATIONAL REQUIREMENTS:

• Bachelor’s Degree in Information Technology, Information Security and Assurance, Computer Science, Cyber Security or other related field or equivalent work experience.
• Typically requires 10+ years of combined IT and security work experience with a broad range of exposure to Identity and Access Management functions with a focus on Privileged Access Management and over 5 years’ experience designing and deploying Identity and Access Management solutions at the enterprise level.
• Experience leading technical teams in a large and complex environment to deliver related capabilities and services.
• Demonstrated successful implementation of security control frameworks and standards such as ISO 27001, ISO 17799, COBIT, ITIL, NIST and PCI.
• Certification in Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and/or equivalent business experience in a matrix Organization required.

What Cencora offers

All team members globally are provided with basic life insurance, personal accident insurance, business travel accident insurance, and EAP resources at no cost. Additional country-specific benefits such as healthcare, sick leave, death and disability, retirement, as well as perks and allowances may be provided. Details of programs vary by location.

Schedule

Full time

Affiliated CompaniesAffiliated Companies: AmerisourceBergen Services Corporation

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email [email protected]. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned