Application Security Engineer, Team Lead (remote)

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

What you will be doing

Individuals within Cencora’s Technical-Administration organization are responsible for secure and robust operations of highly available computing platforms, servers, and business applications. Operational activities include installation, upgrade-and-maintenance and continually securing IT assets.

We are building a strong cross-functional, hybrid capability and seek a passionate, skilled Application Security Engineer, Team Lead with strong experience in Application-Integration and/or ERP to join our growing team. In this role, you will play a critical role in safeguarding our applications by identifying and mitigating security vulnerabilities. You will collaborate with application administrators to implement industry-leading security measures.

The primary responsibility of the individual will be to create a collection of application-tier security-controls and build top-of-the-line tools and applications that will aid in further securing IT assets for Cencora’s Technical-Administration organization.

• Security:

  • Lead security-strengthening requirements for the business applications

  • Pro-actively adhere to strict security standards & Best Practices set forth by various vendors (SAP & IBM)

  • Pro-actively monitor & report application-impact due to security-vulnerabilities

  • Make recommendations to improve security for Application-Tier

• Information Security Administration:

  • Strategize and execute security-roadmap for business applications

  • Lead initiatives for reports & tools on security updates & violations

  • Continually assess and investigate threats to business applications Work with Information Security, where needed, in investigations and/or audits/assessments of systems

• Design/Develop:

  • Lead & orchestrate the design & develop of tools to securely integrate in to business applications

  • Automated application-tier validations after regular maintenance tasks

  • Automated load & stress-tests

• Policies, Procedures, and Standards:

  • Ensure compliance with policies, procedures and standards

• OS Administrators Operating System Administration:

  • Generate processes to ensure appropriate user privileges and access are granted, ensuring data-integrity and security is met

  • Work across teams to ensure OS system upgrades and service pack deployments are implemented with minimal impact to production operation

  • Recommend updates to operating systems to deliver cost benefits without reducing production performance and availability

  • Analyze data from monitoring activities and define comprehensive, system wide improvements

  • Monitor performance and proactively identifies uptime issues, making recommendations for eliminating those issues

  • Develop plans to adopt new technology

What your background should look like 

• Bachelors degree or technical institute degree/certificate or equivalent work experience.

• Typically requires a minimum of ten (10) or more years of relevant experience of securing IT assets and/or administrating integration/infrastructure solutions

• Relevant certification is preferred

• Requires strong knowledge and experience with multiple infrastructure solutions

• Operating System Skills: Linux (SUSE, RHEL, CentOS, Ubuntu) & Windows

• Application-Tier security-architecture and administration for one of the following applications:

Middleware (such as IBM MQ and WebSphere Application Server)

EDI (such as Sterling B2B Integrator)

SAP Basis (Netweaver ABAP & Java) and S/4HANA

Proven track-record of:

• Securing and hardening of platform-tier and application-tier

• Securing configuration of application-tier, deployments and integration

• Maintaining & remediating security algorithms and protocols (TLS, ciphers, ssh)

• SAML and OAUTH solutions

• LDAP/Active-Directory & ACL

• Encryption-at-rest & encryption-at-transit

• Automating Application-Security Testing (SCA, IAST, SAST, DAST, et cetera)

• Researching of vendor-provided (IBM or SAP) product-release notes, security-release notes, CVE/CVSS3 impact-assessments for applications

• Leadership in collaboration, with excellent verbal and written skills

• Strong organization skills

• Good analytical and problem solving skills

• Ability to communicate effectively both orally and in writing

• Good interpersonal skills; solid team player

• Ability to and willingness to mentor team members

• Knowledge of client/server technology

• Exceptional customer service skills

• Good group presentation skills

• Experience with scripting technologies highly recommended (e.g Puppet, Chef)

• Extensive knowledge of troubleshooting complex technology performance problems

• Ability to lead and drive complex projects across multiple technologies

• Knowledge of ITIL

Requires experience with Two (2) or more of these skills:

• SecOps, Threat-Intelligence, Disaster-Recovery and Incident-Response, Vulnerability-Assessment, Pen-Testing & reporting

• Web-building skills, or more of the following: Javascript, JSP, Ruby

• Automation skills, one or more of the following: Python, bash shell, Perl, Ansible/AWX, Chef, Terraform​

What Cencora offers

We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. 

To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more.

For details, visit https://www.virtualfairhub.com/amerisourcebergen

Schedule

Full time

Salary Range*

$95,800 - 147,620

*This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range.

Affiliated Companies:Affiliated Companies: AmerisourceBergen Services Corporation

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@amerisourcebergen.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned