Information Security Manager at AmerisourceBergen

AmerisourceBergen AmerisourceBergen fosters a positive impact on healthcare around the world by advancing the development and delivery of pharmaceuticals and healthcare products.

View company page

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today

What you will be doing

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today

What you will be doing

Under general direction of the ISO, this position is responsible for managing the development, implementation and management of multiple services, capabilities, controls, and relevant components of the Information Security management framework at the enterprise level supporting one or more assigned AmerisourceBergen business units and affiliates.

PRIMARY DUTIES AND RESPONSIBILITIES:

• Participate in the design and manage the implementation of an Information Security Management System (ISMS) which includes appropriate policies, procedures, operational considerations, IT change control, and IT risk and compliance management programs. These efforts include (but are not limited to): Information Security Governance processes, Policies & Procedures, Audits, Metrics and reporting in direct alignment with contractual, regulatory and compliance requirements.
• Directly partner with the enterprise Finance, Legal, Audit and Compliance executives to support Internal and External Audits (SOX, COBIT, IT Controls).
• Support the Business Unit and IT executives through the process of prioritizing security initiatives and spending based on relevant business risk and regulatory compliance issues, financial implications, and alignment with the strategic plan.
• Support strategic and tactical security, risk mitigation and regulatory compliance guidance for all IT projects, including the evaluation of information security policies, processes, operating procedures, and governance controls.
• Lead the development, implementation, and management of relevant metrics to measure the efficiency and effectiveness of the information security management systems (ISMS), risk management and related compliance programs.
• Drive the development, implementation, and management of an enterprise Information Security & Privacy Training & Awareness program to assure the workforce is knowledgeable of policies, best practices, and relevant security and data privacy guidance appropriate to their role in the organization.
• Drive the tracking and resolution of Audit findings and remediation activities and support external and customer security audits.
• Develop and implement appropriate metrics and KPIs and provide regular reporting on the information security program maturity, risk posture and management, and regulatory compliance.

EXPERIENCE AND EDUCATIONAL REQUIREMENTS:

· 6-8 years progressively responsible experience in the design, implementation, and management of Information Security Shared services for a global corporation (Fortune 500)

· Experience managing functional business and technical teams in a large and complex environment to deliver related capabilities and services.

· Seasoned manager of professionals and cross functional teams, who can develop and retain top talent in the field.

· Demonstrated success in managing an Information Security Framework, solution, and service for a cross functional corporation.

· Extensive experience with healthcare regulatory and information security guidelines, audits as well as external audit processes and requirements

· Demonstrated successful implementation of security control frameworks and standards such as ISO 27001, ISO 17799, COBIT, ITIL, NIST and PCI.

· Certification in Information Security relevant areas such as Audit (CISA), Security Management (CISM), Security Professional (CISSP) and/or equivalent business experience in a matrix Organization required.

· Directly applicable International / Global Experience desired.

· Excellent understanding of IT Security & Risk Management, strategic planning and the related tactical initiatives needed to achieve the plan.

· Understanding of financial management and departmental budgeting desired.

What your background should look like

MINIMUM SKILLS, KNOWLEDGE AND ABILITY REQUIREMENTS:

· Demonstrated ability to effectively present, manage conflicts and interact at Senior Executive levels (CEO, CIO, CFO and Controller) and resolve critical and sensitive issues with external partners and customers.

· Demonstrated ability to meet objectives, deliver quality results in a high-performance environment.

· Excellent skills interacting and mediating sensitive situations at all levels of the organization and with external customers and auditors.

· Ability to easily defuse critical situations and manage escalations appropriately.

· Ability to communicate effectively both orally and in writing; ability to communicate with customers, associates, and management in a cross functional matrix organization; solid teamwork and interpersonal skills.

· Strong presentation skills, ability to present and discuss business issues, strategies as well as technical information in a manner that establishes rapport, persuades others, and gains understanding at all levels of the organization.

· Ability to establish solid relationships with vendors in support of initiatives; ability to negotiate and manage outside vendors against deliverables.

· Good business and financial planning, analytical, and conceptual skills to evaluate business risks and apply knowledge to identify appropriate solutions.

· Solid project management skills including the ability to effectively deploy resources and manage multiple projects of various diverse scope in a matrix and cross-functional environment.

· Solid knowledge of information security principles and practices

· Excellent interpersonal, communication and collaboration skills to successfully interact and influence employees and key business partners and providers at all levels.

· Excellent track record communicating, managing complex projects, and influencing others, in a diversified and international matrix organization. Adept at proposing, implementing, and managing change while prepared to question the Status Quo.

· High level of personal integrity with the ability to professionally handle highly sensitive and confidential situations with Executives, Customers, and 3rd parties.

· Ability to deal with ambiguity very dynamic and high speed and complex business environment.

· Demonstrated ability to serve as a respected member of a senior management team and effectively communicate security-related concepts to a broad range of technical and non-technical management and staff, including executive management.

What Cencora offers

All team members globally are provided with basic life insurance, personal accident insurance, business travel accident insurance, and EAP resources at no cost. Additional country-specific benefits such as healthcare, sick leave, death and disability, retirement, as well as perks and allowances may be provided. Details of programs vary by location.

ScheduleFull timeAffiliated CompaniesAffiliated Companies: World Courier Holland B.V.Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call or email . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Regions: Remote/Anywhere Africa Europe Middle East

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.

#J-18808-Ljbffr

---