Cloud Security Engineer III

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

What you will be doing

Summary:

This role is responsible for supporting the planning, execution, and managing of multifaceted projects related to cyber, cloud, data security, risk management, mitigation and response, compliance, control assurance, and user awareness for all IT systems. Engineers III work on developing and driving security strategies, initiatives, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization, and providing expertise and assistance to ensure the company’s infrastructure and information assets are protected. They assist in updating, maintaining, and documenting security controls and provide direct support to the business and internal IT groups. They work directly with Lead Engineers, customers, third parties, and other internal departments and organizations to facilitate information security risk analysis and risk management processes and to identify acceptable levels of residual risk. They along with Engineers I and II perform security assessments, penetration testing and security attestations, monitor data security profiles, update, maintain and document security controls and provide direct support to the business and internal IT groups.

Primary Duties and Responsibilities:

• Conduct Proactive Research: Analyze security weaknesses in cloud environments, particularly Microsoft Defender for Cloud (CSPM and CWPP), Azure, and Microsoft 365, and recommend strategies to strengthen controls

• Support Security Initiatives: Assist with security initiatives in areas such as Cyber Operations, Incident Response, Threat Intelligence, Threat Hunting, Forensics, Vulnerability Management, and Data Analytics

• Develop Security Policies: Assist in the development, refinement, and implementation of enterprise-wide security policies and procedures to ensure compliance, particularly focusing on public cloud and SaaS environments like Salesforce and Microsoft 365

• Review Technical Designs: Review technical and functional design documents to build, maintain, and implement cybersecurity solutions, data security, and cloud security measures

• Contribute to Projects: Work on multiple projects as a key contributor, providing strategic and tactical direction and consultation on cloud security and cybersecurity initiatives

• Interface with Leaders: Communicate security issues to business and IT leaders, respond to requests for assistance and information, and provide security briefings on critical issues affecting the enterprise

• Analyze Metrics: Gather and analyze reporting, metrics, and key performance indicators for executive review to ensure security controls are effective

• Maintain SLAs: Work closely with the Lead Engineer to maintain service-level agreements (SLAs) and ensure security controls are upheld

• Implement Security Solutions: Collaborate with information security and line of business management to identify, formulate, and implement security solutions and controls, maintaining and configuring security tooling

• Coordinate with Engineers: Work with systems and network engineers to ensure servers and network devices conform to security standards, and security devices and controls function as designed.

• Engineer Security Controls: Develop and engineer security controls to protect data and systems, providing security policy guidance and consultation

• Collaborate on Cloud Security: Collaborate with other IT teams to improve cloud and application security measures, integrating new security applications and supporting existing one.

• Communicate Effectively: Communicate advanced information security concepts with clients, peers, all levels of management, and vendors effectively, focusing on cloud security posture management and SaaS Security Posture Management for platforms like Salesforce and Microsoft 365

Qualifications:

• Strong understanding of Microsoft Defender for Public Cloud, Azure security, and Microsoft 365 security

• Experience with Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP) and SaaS Security Posture Management (SSPM)

• Proficiency in implementing and managing cloud security solutions, particularly within Azure and Microsoft 365 environments.

• Knowledge of security best practices and compliance standards for cloud and SaaS platforms

• Ability to communicate complex security concepts effectively to various stakeholders

• Experience in conducting security assessments, penetration testing, and vulnerability management

Preferred Certifications:

• Microsoft Certified: Azure Security Engineer Associate

• Microsoft Certified: Security, Compliance, and Identity Fundamentals

• Certified Information Systems Security Professional (CISSP)

• Certified Cloud Security Professional (CCSP)

What your background should look like 

Education and Work Experience:

• Bachelor’s degree in computer science, Information Technology or any other related discipline or equivalent related experience

• 4+ years of directly related or relevant experience, preferably in information security

Preferred Certifications:

• Azure Security Engineer Certification Certified Cloud Security Professional (CCSP) Certification in Information Security Strategy Management (CISM) Certified Information Systems Security Professional (CISSP) CompTIA Security + Certification Systems Security Certified Practitioner (SSCP)

Behavioral Skills:

• Critical Thinking Detail Oriented Impact and Influencing Interpersonal Communication Multitasking Problem Solving

Technical Skills:

• Network Solutions and Systems Cybersecurity Data Security Cloud Security IT Risk Management Root Cause Analysis Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI) Application Architecture Threat Intelligence and Monitoring

Tools Knowledge:

• Microsoft Office Suite Programming and Development Languages JavaScript, HTML/CSS, Python, SQL Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.

What Cencora offers

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. 

To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more.

For details, visit https://www.virtualfairhub.com/cencora

Schedule

Full time

Salary Range*

$84,400 - 120,890

*This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York/Hawaii/Vermont State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range.

Affiliated Companies:Affiliated Companies: AmerisourceBergen Services Corporation

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned