Senior Director – Enterprise Security Architecture

Other Jobs To Apply

No other job posts for this day.

<div><div><div><div><div><div><div><div><div><div><div><div><div><div><p style="text-align:left">Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!</p></div></div></div></div></div></div></div></div></div></div></div></div></div></div><p style="text-align:inherit"></p><p style="text-align:inherit"></p><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><div><h1><b>Job Details</b></h1></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div></div><p style="text-align:inherit"></p><p style="text-align:inherit"></p><p><b><span>Summary:</span></b></p><p><br><span>The Senior Director of Enterprise Security Architecture (ESA) leads the definition, governance, and enforcement of enterprise-wide security architecture strategy for the enterprise. This leader is accountable for aligning cybersecurity architecture with business strategy, digital transformation, regulatory obligations, and risk appetite.<span>  </span>The role oversees reference architectures, security design standards, architecture review boards (ARB), security requirements engineering, and integration with Enterprise Architecture (EA), Cloud, Data, AI, Infrastructure, and Application domains. This role is responsible for building strong partnerships with technology teams, other corporate support functions, and other Information Security organizations to protect the corporate brand, data, and assets and is responsible for the design, implementation, operation, and maintenance of an information security framework, processes, and systems, that protect the business, services, information and systems against unauthorized use, disclosure, modification, damage, and loss.</span></p><p><span> </span></p><p><span>The position partners closely with the CISO, other Information Security Sr. Leaders, and other Technology Leadership teams to establish a vision and strategy required to ensure scalable, measurable, and continuously improving defense capabilities across all security domains in collaboration with other information security domain leaders and partner organizations.</span></p><p><br><span>Our employee experience is a strategic priority for our company. Our leaders are accountable for leading with purpose, fairness, and equity. They are responsible for building and developing diverse teams, maintaining a safe and inclusive environment, setting clear priorities, and holding self and team accountable for executing with excellence.</span></p><p></p><p><b><span>Primary Responsibilities:</span></b></p><ul><li><p><span>Define and maintain the enterprise security architecture vision and multi-year roadmap.</span></p></li><li><p><span>Align security architecture with corporate strategy, digital transformation, and technology modernization initiatives.</span></p></li><li><p><span>Establish target-state architectures incorporating Zero Trust principles in collaboration with other Information Security and Technology leaders.</span></p></li><li><p><span>Translate risk appetite into enforceable architectural guardrails.</span></p></li></ul><p></p><p><b><span>Develop and maintain standardized reference architectures for:</span></b><span><b> </b> </span></p><ul><li><p><span>Cloud and hybrid infrastructure</span><span> </span></p></li><li><p><span>Identity & Access Management</span></p></li><li><p><span>Data protection and privacy</span></p></li><li><p><span>Network segmentation</span></p></li><li><p><span>Application security</span></p></li><li><p><span>AI/GenAI security</span></p></li><li><p><span>OT/IoT (in partnership with OT sr. cybersecurity leadership)</span></p></li></ul><p></p><p><b><span>Additional Responsibilities: </span></b></p><ul><li><p><span>Ensure security-by-design integration into SDLC and platform engineering models.</span></p></li><li><p><span>Govern architecture artifacts across global business units.</span></p></li><li><p><span>Chair or co-chair the Security Architecture Review Board (SARB).</span></p></li><li><p><span>Define security architecture review processes and risk exception workflows.</span></p></li><li><p><span>Establish measurable design assurance criteria.</span></p></li><li><p><span>Partner with Enterprise Architecture for integrated technology governance.</span></p></li><li><p><span>Translate regulatory and risk requirements into technical control standards.</span></p></li><li><p><span>Ensure compliance with global regulatory regimes (e.g., HIPAA, GDPR, SOX, FDA/GxP where applicable).</span></p></li><li><p><span>Maintain or enforce enterprise security standards library mapped to NIST, ISO, SOC 2, PCI, HIPAA, GDPR, etc.</span></p></li><li><p><span>Enable reusable security requirement models for programs and projects.</span></p></li><li><p><span>Drive automation of control validation and policy-as-code enforcement.</span></p></li><li><p><span>Support regulatory readiness across global jurisdictions.</span></p></li><li><p><span>Ensure architecture supports data residency and sovereignty obligations.</span></p></li><li><p><span>Collaborate with Legal, Privacy, and Compliance on emerging regulatory impacts.</span></p></li><li><p><span>Provide defensible architecture documentation for audit and regulatory review.</span></p></li><li><p><span>Lead security architecture assessments for acquisitions.</span></p></li><li><p><span>Define integration and divestiture security blueprints.</span></p></li><li><p><span>Support large-scale ERP, digital, AI, and cloud transformation programs.</span></p></li><li><p><span>Establish rapid risk assessment models for new technologies.</span></p></li><li><p><span>Establish KPIs, OKRs, and performance dashboards.</span></p></li><li><p><span>Track control design effectiveness and systemic risk reduction.</span></p></li><li><p><span>Integrate architecture insights with cyber analytics programs.</span></p></li><li><p><span>Report enterprise architecture risk posture to executive leadership.</span></p></li><li><p><span>Lead global team of security domain architects.</span></p></li><li><p><span>Define operating model across centralized and federated teams.</span></p></li><li><p><span>Establish architecture career paths and technical competency frameworks.</span></p></li><li><p><span>Enterprise financial management and planning experience.</span></p></li></ul><p style="text-align:inherit"></p><p style="text-align:inherit"></p><p style="text-align:inherit"></p><p style="text-align:inherit"></p><p><b><span>Qualifications</span></b><span>:</span></p><p></p><p><b><span>Education</span></b><span>:</span></p><ul><li><p><span>Master’s Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.</span></p></li></ul><p><b><span> </span></b></p><p><b><span>Preferred Certifications:</span></b></p><ul><li><p><span>Certified Cloud Security Professional (CCSP)</span></p></li><li><p><span>Certified Information Systems Security Professional (CISSP)</span></p></li><li><p><span>Sherwood Applied Business Security Architecture (SABSA)</span></p></li><li><p><span>Open Group Architecture Framework (TOGAF) </span></p></li><li><p><span>Certified in Risk and Information Systems Control (CRISC)</span></p></li><li><p><span>Certification in Information Security Strategy Management (CISM)</span></p></li><li><p><span>Microsoft Certified: Cybersecurity Architect Expert (SC-100)</span></p></li><li><p><span>Information Technology Infrastructure Library (ITIL)</span></p></li><li><p><span>Offensive Security Certified Professional (OSCP)</span></p></li><li><p><span>Project Management Professional (PMP) Certification</span></p></li></ul><p></p><p><b><i><u><span>WORK EXPERIENCE:</span></u></i></b></p><ul><li><p><span>12+ years of directly-related or relevant experience with 8+ years in a managerial capacity, preferably in information security.</span></p></li></ul><p></p><p><b><i><u><span>SKILLS & KNOWLEDGE:</span></u></i></b></p><p><b><span> </span></b></p><p><b><span>Behavioral Skills:</span></b></p><ul><li><p><span>Coaching and Mentoring</span></p></li><li><p><span>Creativity & Innovation</span></p></li><li><p><span>Decision Making</span></p></li><li><p><span>Leadership Skills</span></p></li><li><p><span>People Management</span></p></li><li><p><span>Planning</span></p></li><li><p><span>Risk-taking</span></p></li></ul><p><b><span> </span></b></p><p><b><span>Technical Skills:</span></b></p><ul><li><p><span>IT Risk Management</span></p></li><li><p><span>IT Controls</span></p></li><li><p><span>Cyber Attack Mitigation</span></p></li><li><p><span>Enterprise IT Management</span></p></li><li><p><span>Cloud Security</span></p></li><li><p><span>Network Security</span></p></li><li><p><span>Identity & Access Management</span></p></li><li><p><span>Application Security</span></p></li><li><p><span>Service Level Maintenance</span></p></li><li><p><span>Information Security Strategy Continuity</span></p></li><li><p><span>Threat Modelling</span></p></li><li><p><span>Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)</span></p></li></ul><p><b><span> </span></b></p><p><b><span>Tools Knowledge:</span></b></p><ul><li><p><span>Security Tools – CSPM, CWPP, CDR, CNAPP, SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.</span></p></li><li><p><span>Security Testing Tools - Open Source and COTS security tools</span></p></li><li><p><span>Threat Intelligence Tools</span></p></li><li><p><span>Vulnerability Testing Tools</span></p></li></ul><p style="text-align:inherit"></p><p style="text-align:inherit"></p><h1><b><b><b>What Cencora offers</b></b></b></h1><p style="text-align:inherit"></p><p style="text-align:left"><span>We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members’ ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit </span><u><a href="https://www.virtualfairhub.com/cencora" target="_blank" rel="noopener noreferrer"><span><span><span><span><span><span><span><span class="WDL1"><span style="overflow-wrap: break-word; display: inline; text-decoration: inherit; hyphens: auto;">https://www.virtualfairhub.com/cencora</span></span></span></span></span></span></span></span></span></a></u></p><p style="text-align:inherit"></p><p style="text-align:inherit"></p>Full time<p style="text-align:inherit"></p><p style="text-align:inherit"></p><h1><span class="emphasis-3"><b><b><b><b>Equal Employment Opportunity</b></b></b></b></span></h1><h1></h1><p style="text-align:left">Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.</p><p style="text-align:inherit"></p><p style="text-align:left">The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.</p><p style="text-align:inherit"></p><p style="text-align:left">Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email <a href="mailto:hrsc@amerisourcebergen.com" target="_blank" rel="noopener noreferrer"><span><span><span>hrsc@cencora.com</span></span></span></a>. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned</p><p style="text-align:inherit"></p><p style="text-align:inherit"></p><h1><b><b><b>Affiliated Companies</b></b></b></h1>Affiliated Companies: AmerisourceBergen Services Corporation

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...