Cloud Security Engineer III
USA - TX - Remote
AmerisourceBergen
AmerisourceBergen fosters a positive impact on healthcare around the world by advancing the development and delivery of pharmaceuticals and healthcare products.Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
What you will be doingSummary:
This role is responsible for supporting the planning, execution, and managing of multifaceted projects related to cyber, cloud, data security, risk management, mitigation and response, compliance, control assurance, and user awareness for all IT systems. Engineers III work on developing and driving security strategies, initiatives, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization, and providing expertise and assistance to ensure the company’s infrastructure and information assets are protected. They assist in updating, maintaining, and documenting security controls and provide direct support to the business and internal IT groups. They work directly with Lead Engineers, customers, third parties, and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They along with Engineers I and II perform security assessments, penetration testing and security attestations, monitor data security profiles, update, maintain and document security controls and provide direct support to the business and internal IT groups.
Primary Duties and Responsibilities:
Conduct Proactive Research: Analyze security weaknesses in cloud environments, particularly Microsoft Defender for Cloud (CSPM and CWPP), Azure, and Microsoft 365, and recommend strategies to strengthen controls
Support Security Initiatives: Assist with security initiatives in areas such as Cyber Operations, Incident Response, Threat Intelligence, Threat Hunting, Forensics, Vulnerability Management, and Data Analytics
Develop Security Policies: Assist in the development, refinement, and implementation of enterprise-wide security policies and procedures to ensure compliance, particularly focusing on public cloud and SaaS environments like Salesforce and Microsoft 365
Review Technical Designs: Review technical and functional design documents to build, maintain, and implement cybersecurity solutions, data security, and cloud security measures
Contribute to Projects: Work on multiple projects as a key contributor, providing strategic and tactical direction and consultation on cloud security and cybersecurity initiatives
Interface with Leaders: Communicate security issues to business and IT leaders, respond to requests for assistance and information, and provide security briefings on critical issues affecting the enterprise
Analyze Metrics: Gather and analyze reporting, metrics, and key performance indicators for executive review to ensure security controls are effective
Maintain SLAs: Work closely with the Lead Engineer to maintain service-level agreements (SLAs) and ensure security controls are upheld
Implement Security Solutions: Collaborate with information security and line of business management to identify, formulate, and implement security solutions and controls, maintaining and configuring security tooling
Coordinate with Engineers: Work with systems and network engineers to ensure servers and network devices conform to security standards, and security devices and controls function as designed.
Engineer Security Controls: Develop and engineer security controls to protect data and systems, providing security policy guidance and consultation
Collaborate on Cloud Security: Collaborate with other IT teams to improve cloud and application security measures, integrating new security applications and supporting existing one.
Communicate Effectively: Communicate advanced information security concepts with clients, peers, all levels of management, and vendors effectively, focusing on cloud security posture management and SaaS Security Posture Management for platforms like Salesforce and Microsoft 365
Qualifications:
Strong understanding of Microsoft Defender for Public Cloud, Azure security, and Microsoft 365 security
Experience with Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP) and SaaS Security Posture Management (SSPM)
Proficiency in implementing and managing cloud security solutions, particularly within Azure and Microsoft 365 environments.
Knowledge of security best practices and compliance standards for cloud and SaaS platforms
Ability to communicate complex security concepts effectively to various stakeholders
Experience in conducting security assessments, penetration testing, and vulnerability management
Preferred Certifications:
Microsoft Certified: Azure Security Engineer Associate
Microsoft Certified: Security, Compliance, and Identity Fundamentals
Certified Information Systems Security Professional (CISSP)
Certified Cloud Security Professional (CCSP)
Education and Work Experience:
Bachelor’s degree in computer science, Information Technology or any other related discipline or equivalent related experience
4+ years of directly related or relevant experience, preferably in information security
Preferred Certifications:
Azure Security Engineer Certification Certified Cloud Security Professional (CCSP) Certification in Information Security Strategy Management (CISM) Certified Information Systems Security Professional (CISSP) CompTIA Security + Certification Systems Security Certified Practitioner (SSCP)
Behavioral Skills:
Critical Thinking Detail Oriented Impact and Influencing Interpersonal Communication Multitasking Problem Solving
Technical Skills:
Network Solutions and Systems Cybersecurity Data Security Cloud Security IT Risk Management Root Cause Analysis Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI) Application Architecture Threat Intelligence and Monitoring
Tools Knowledge:
Microsoft Office Suite Programming and Development Languages JavaScript, HTML/CSS, Python, SQL Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave.
To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more.
For details, visit https://www.virtualfairhub.com/cencora
ScheduleFull timeSalary Range*$84,400 - 120,890*This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York/Hawaii/Vermont State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range.
Affiliated Companies:Affiliated Companies: AmerisourceBergen Services CorporationEqual Employment OpportunityCencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned
Tags: Analytics Application security Azure CCSP CISM CISSP Cloud COBIT Compliance CompTIA Computer Science CSPM Data Analytics EDR Firewalls Forensics IDS Incident response IPS ISO 27001 ITIL JavaScript Monitoring NIST Pentesting Python Risk analysis Risk management SaaS Security assessment Security strategy SIEM SLAs SOAR SOX SQL SSCP Strategy Threat intelligence VPN Vulnerability management
Perks/benefits: Career development Health care Medical leave Parental leave Team events Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Operations Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Specialist jobs
- Open Senior Product Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cyber Security Architect jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open Security Consultant jobs
- Open IT Security Analyst jobs
- Open Security Operations Analyst jobs
- Open Manager Pentest H/F jobs
- Open Information Security Architect jobs
- Open Information System Security Officer jobs
- Open Agile-related jobs
- Open Risk assessment-related jobs
- Open Analytics-related jobs
- Open Network security-related jobs
- Open SOC-related jobs
- Open CISA-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open Threat intelligence-related jobs
- Open DoD-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open APIs-related jobs
- Open CEH-related jobs
- Open Security assessment-related jobs
- Open SaaS-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open EDR-related jobs
- Open TS/SCI-related jobs