Senior Principal Engineer - Information Security

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Summary:
The Senior Principal Engineer - Information Security serves as a strategic advisor and technical authority, leading complex, enterprise-wide initiatives across risk management, compliance, threat mitigation, and user awareness. This role partners cross-functionally with security, IT, product, and engineering teams to architect and implement resilient defense controls that safeguard the organization's infrastructure and intellectual property. With deep expertise across all domains of Information Security and mastery in several, the engineer drives secure design practices, influences enterprise technology decisions, and ensures alignment with evolving threat landscapes and regulatory demands. Recognized internally and externally as a thought leader, where the individual shapes operational strategies with direct business impact, advises executive leadership on matters of strategic importance, and solves complex, multi-dimensional challenges. The Senior Principal Engineer leads the development and enforcement of security policies and standards, mentors other professionals, and manages critical processes and programs using advanced technical knowledge. Their contributions are central to the company's IT strategy, resilience, and long-term security posture.
Responsibilities:

• Analyze trends, news, and changes in the threat and compliance landscape; advise leadership and execute plans for risk mitigation and compliance.
• Lead and coordinate responses to information system security incidents, including investigation, countermeasures, and recovery; engage with third-party responders.
• Recommend and oversee implementation of security controls throughout the acquisition, development, and change management lifecycle of information systems.
• Provide technical leadership on large-scale, complex, and highly analytical security projects.
• Plan and lead upgrades to security tools and measures to protect information systems and networks.
• Develop methodologies for monitoring and responding to security events; lead remediation efforts for cybersecurity incidents.
• Guide network and system administrators in maintaining infrastructure security, improving performance, and automating administration from a security perspective.
• Mentor and coach ISO Engineers, providing technical guidance and oversight.
• Ensure service-level agreements (SLAs) are maintained to uphold security controls.
• Lead the implementation of enterprise-wide security policies, procedures, and standards across diverse platforms and applications.
• Interface with business and IT leaders to communicate security issues and respond to requests for information and support.
• Refine and enforce security policies and standards to meet internal and external compliance requirements.
• Collaborate with senior technical executives and IT teams to design and implement security systems that protect both physical and intangible assets.
• Review technical and functional design documents; build, maintain, and implement cybersecurity, data security, and cloud security solutions.
• Advise business and technical teams on the potential impacts of changes to the security environment.
• Deliver security briefings to inform leadership of critical issues affecting the enterprise.
• Analyze and generate insights from security metrics and KPIs for executive-level reporting.
• Responds to security alerts and escalates critical incidents to correct support teams and participates in incident response exercises
• Serves as a subject matter expert (SME) for product research and development teams, working closely with software engineers, product management and development, and divisional and corporate information systems

Qualifications:
Education:

• Bachelor's Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience.

Preferred Certifications:

• Azure Security Engineer Certification
• Certified Cloud Security Professional (CCSP)
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security + Certification
• Systems Security Certified Practitioner (SSCP)

Work Experience:

• Eight (8) or more years of directly-related or relevant experience, preferably in information security.

Behavioral Skills:

• Conflict Resolution
• Creativity & Innovation
• Decision Making
• Assertiveness
• Influencing Skills
• Planning
• Presentation Skills
• Risk-taking

Technical Skills:

• Network Solutions and Systems
• Cybersecurity
• Root Cause Analysis
• Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)
• Advanced Encryption
• Application Architecture
• Identity and Access Management
• IT Risk Management
• Threat Modelling

Tools Knowledge:

• Microsoft Office Suite
• Programming and Development Languages - JavaScript, HTML/CSS, Python, SQL
• Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.

What Cencora offers
We provide compensation, benefits, and resources that enable a highly inclusive culture and support our team members' ability to live with purpose every day. In addition to traditional offerings like medical, dental, and vision care, we also provide a comprehensive suite of benefits that focus on the physical, emotional, financial, and social aspects of wellness. This encompasses support for working families, which may include backup dependent care, adoption assistance, infertility coverage, family building support, behavioral health solutions, paid parental leave, and paid caregiver leave. To encourage your personal growth, we also offer a variety of training programs, professional development resources, and opportunities to participate in mentorship programs, employee resource groups, volunteer activities, and much more. For details, visit https://www.virtualfairhub.com/cencora
Full time
Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email [email protected]. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned
Affiliated Companies
Affiliated Companies: AmerisourceBergen Services Corporation