at AMERISOURCEBERGEN SERVICES CORPORATION in Romeoville, Illinois, United States
Job Description
Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
What you will be doing
Summary:
This role is responsible for supporting the planning, execution, and managing of multifaceted projects related to cyber, cloud, data security, risk management, mitigation and response, compliance, control assurance, and user awareness for all IT systems. Engineers III work on developing and driving security strategies, initiatives, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization, and providing expertise and assistance to ensure the company's infrastructure and information assets are protected. They assist in updating, maintaining, and documenting security controls and provide direct support to the business and internal IT groups. They work directly with Lead Engineers, customers, third parties, and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They along with Engineers I and II perform security assessments, penetration testing and security attestations, monitor data security profiles, update, maintain and document security controls and provide direct support to the business and internal IT groups.
Primary Duties and Responsibilities:
Conduct Proactive Research: Analyze security weaknesses in cloud environments, particularly Microsoft Defender for Cloud (CSPM and CWPP), Azure, and Microsoft 365, and recommend strategies to strengthen controls
Support Security Initiatives: Assist with security initiatives in areas such as Cyber Operations, Incident Response, Threat Intelligence, Threat Hunting, Forensics, Vulnerability Management, and Data Analytics
Develop Security Policies: Assist in the development, refinement, and implementation of enterprise-wide security policies and procedures to ensure compliance, particularly focusing on public cloud and SaaS environments like Salesforce and Microsoft 365
Review Technical Designs: Review technical and functional design documents to build, maintain, and implement cybersecurity solutions, data security, and cloud security measures
Contribute to Projects: Work on multiple projects as a key contributor, providing strategic and tactical direction and consultation on cloud security and cybersecurity initiatives
Interface with Leaders: Communicate security issues to business and IT leaders, respond to requests for assistance and information, and provide security briefings on critical issues affecting the enterprise
Analyze Metrics: Gather and analyze reporting, metrics, and key performance indicators for executive review to ensure security controls are effective
Maintain SLAs: Work closely with the Lead Engineer to maintain service-level agreements (SLAs) and ensure security controls are upheld
Implement Security Solutions: Collaborate with information security and line of business management to identify, formulate, and implement security solutions and controls, maintaining and configuring security tooling
Coordinate with Engineers: Work with systems and network engineers to ensure servers and network devices conform to security standards, and security devices and controls function as designed.
Engineer Security Controls: Develop and engineer security controls to protect data and systems, providing security policy guidance and consultation
Collaborate on Cloud Security: Collaborate with other IT teams to improve cloud and application security measures, integrating new security applications and supporting existing one.
Communicate Effectively: Communicate advanced information security concepts with clients, peers, all levels of management, and vendors effectively, focusing on cloud security posture management and SaaS Security Posture Management for platforms like Salesforce and Microsoft 365
Qualifications:
Strong understanding of Microsoft Defender for Public Cloud, Azure security, and Microsoft 365 security
Experience with Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP) and SaaS Security Posture Management (SSPM)
Proficiency in implementing and managing cloud security solutions, particularly within Azure and Microsoft 365 environments.
Knowledge of security best practices and compliance standards for cloud and SaaS platforms
Ability to communicate complex security concepts effectively to various stakeholders
Experience in conducting security... For full info follow application link.
Equal Opportunity Employer/Minority/Female/Disability/Veteran
