Director, Information Security - Customer Trust & Business Enablement

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Summary:
We are seeking a highly skilled and experienced Director of Information Security - Customer Trust & Business Enablement to lead critical functions within our Information Security program. This role will be responsible for building and maintaining trust with customers by managing customer audit responses, implementing and overseeing a customer trust center, and driving initiatives that enable secure business operations. The ideal candidate will also oversee activities related to governance, risk, and compliance (GRC), including cyber insurance, ESG (Environmental, Social, and Governance) matters, and collaboration with cross-functional teams such as PMO (Project Management Office) and IT Business Management.
As a trusted leader, the Director will develop and execute strategic roadmaps, ensure alignment with business objectives, and facilitate operational excellence through the creation and oversight of standard operating procedures (SOPs). This position reports to the VP of Information Security and will work closely with internal stakeholders, customers, and external auditors.
Primary Duties & Responsibilities:
Customer Trust & Business Enablement

• Lead and manage the Customer Audit Response Process, ensuring timely, accurate, and transparent communication of the organization's security posture to customers.
• Develop, implement, and manage the Customer Trust Center, serving as a centralized resource for customer security communications, FAQs, certifications, and other trust-building materials.
• Oversee customer contract reviews, specifically addressing information security and privacy clauses to ensure compliance with organizational policies and regulatory requirements.
• Facilitate the creation and delivery of customer security reports, including SOC 2, ISO 27001, and other relevant certifications or attestation documents.
• Act as the primary liaison between customers and the information security team to address customer concerns and inquiries related to cybersecurity.

Governance, Risk, and Compliance (GRC)

• Develop and maintain SOPs (Standard Operating Procedures) for the team, ensuring consistent and efficient execution of GRC-related processes.
• Create and manage Cyber GRC Roadmaps, outlining strategic priorities, milestones, and deliverables for the GRC organization.
• Provide support for cyber insurance processes, including risk assessments, policy renewals, and coordination with internal and external stakeholders.
• Support the organization's ESG initiatives by addressing cybersecurity-related matters, such as data privacy, security metrics, and compliance with ESG standards.

Cross-Functional Collaboration

• Collaborate with the PMO (Project Management Office) and IT Business Management Teams to facilitate the development and tracking of project plans related to the GRC organization.
• Serve as a key interface between Information Security and other business units to ensure alignment of security, compliance, and business objectives.
• Drive cross-departmental initiatives and projects that enable business growth while maintaining a strong cybersecurity posture.

Strategic Leadership

• Provide visionary leadership to the Customer Trust and Business Enablement team, fostering a culture of collaboration, innovation, and continuous improvement.
• Develop metrics and KPIs to track the performance and effectiveness of customer trust and GRC initiatives.
• Stay informed on industry trends, emerging threats, and regulatory changes to ensure the organization remains proactive and compliant.
• Act as a trusted advisor to senior leadership, providing insights and recommendations regarding customer trust, GRC, and business enablement strategies.

Qualifications:
Education and Experience:

• Bachelor's degree in Information Security, Cybersecurity, Computer Science, Business Administration, or a related field (Master's degree preferred).
• 8+ years of experience in Information Security, Governance, Risk, and Compliance (GRC), or a related field.
• 5+ years of leadership experience managing teams and driving cross-functional initiatives.

Skills and Competencies

• Deep understanding of information security frameworks and standards (e.g., NIST CSF, ISO 27001, SOC 2).
• Strong knowledge of GRC principles, customer audit response, and security compliance requirements.
• Experience with customer contract reviews related to cybersecurity and privacy clauses.
• Demonstrated ability to develop and execute strategic roadmaps and operational plans.
• Familiarity with cyber insurance processes and ESG reporting for cybersecurity matters.
• Exceptional project management skills with experience interfacing with PMOs and IT business management teams.
• Excellent communication and interpersonal skills, with a proven ability to build trust with customers and internal stakeholders.
• Strong problem-solving and decision-making skills, with the ability to manage competing priorities in a fast-paced environment.

Certifications (Preferred):

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• ISO 27001 Lead Auditor or Implementer
• Project Management Professional (PMP)

Key Competencies:

• Customer Focus: Demonstrates a deep commitment to building and maintaining customer trust through transparency and responsiveness.
• Leadership: Inspires and motivates teams to achieve shared goals while fostering a culture of accountability and collaboration.
• Strategic Thinking: Balances long-term vision with tactical execution to achieve business and security objectives.
• Collaboration: Works effectively across teams and departments to drive alignment and achieve organizational goals.
• Continuous Improvement: Continuously seeks opportunities to optimize processes, reduce risk, and enhance the customer experience.

What Cencora offers
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora
Full time
Salary Range*
$124,000 - 190,850
*This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington/New York/Hawaii/Vermont/Minnesota/Massachusetts/Illinois State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range.
Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email [email protected]. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned
Affiliated Companies:
Affiliated Companies: AmerisourceBergen Services Corporation