Sr Dir - Information Security

Cencora•Conshohocken, PA

About The Position

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today! Job Details JOB PROFILE SUMMARY The Senior Director, Customer and Cloud IAM is responsible for building strong partnerships with business units, technology teams, corporate support functions, and the user community to protect the corporate brand, data, and digital assets. This role leads the design, implementation, operation, and continuous improvement of an enterprise-wide identity and access management framework covering both customer identity (CIAM) and cloud-native IAM capabilities. As a senior leader within Information Security, this role delivers security and compliance services for an assigned business segment while also leading an ISO center of excellence focused on identity security. The Senior Director establishes a unified vision and strategy for IAM across customer-facing and cloud environments, driving secure digital engagement, protecting cloud workloads, enabling modern DevSecOps practices, and supporting business growth with secure, frictionless identity services. The role provides strategic, operational, and financial leadership for IAM capabilities, ensuring enterprise-wide alignment with security architecture, application security, data protection, and infrastructure security practices. This leader ensures adoption of effective information security controls, strong identity governance, and broad organizational awareness of identity security principles. The preference is for candidates to be located within a reasonable distance of our Conshohocken, PA or Carrollton, TX offices. However, individuals in other locations will also be considered. Those not based near a primary site should expect to travel to these locations as needed.

Requirements

Education: Master’s Degree in Business Administration, Computer Science, Information Technology or any other related discipline or equivalent related experience.
12+ years of directly-related or relevant experience with 8+ years in a managerial capacity, preferably in information security.
Behavioral Skills: Coaching and Mentoring Creativity & Innovation Decision Making Leadership Skills People Management Planning Risk-taking
Technical Skills: IT Risk Management IT Controls Cyber Attack Mitigation Enterprise IT Management Network Security Service Level Maintenance Information Security Strategy Continuity Threat Modelling Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)
Tools Knowledge: Microsoft Office Suite Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc. Security Testing Tools - Open Source and COTS security tools Threat Intelligence Tools Vulnerability Testing Tools

Nice To Haves

Preferred Certifications: Certified Information Systems Auditor (CISA) Certified Information Systems Security Professional (CISSP) Certification in Information Security Strategy Management (CISM) Information Technology Infrastructure Library (ITIL) Offensive Security Certified Professional (OSCP) Project Management Professional (PMP) Certification

Responsibilities

Serve as a key participant in developing the vision, strategy, and roadmap for IAM programs, services, and platforms globally.
Develop and execute an enterprise-wide strategy that unifies CIAM and cloud-native IAM capabilities under a cohesive identity vision.
Serve as the senior leader responsible for identity security across customer-facing digital channels and cloud environments.
Provide executive direction for IAM roadmaps, ensuring alignment with enterprise digital engagement, cloud adoption, security, and compliance strategies.
Build trusted partnerships across cybersecurity, cloud engineering, product management, application development, and customer experience teams.
Embed CIAM and cloud IAM capabilities into digital products, services, and cloud architectures.
Lead delivery of cloud-native IAM capabilities across SaaS, IaaS, and PaaS environments (AWS, Azure, GCP).
Enable dynamic, policy-driven, just‑in‑time access to cloud resources through automation, workload identity, secrets management, and entitlement management.
Integrate IAM with DevOps workflows and CI/CD pipelines to support secure cloud application delivery.
Evaluate cloud IAM tools and platforms, manage vendor relationships, and ensure alignment with enterprise architecture and security standards.
Ensure cloud IAM capabilities meet regulatory and policy requirements, including NIST, SOX, ISO 27001, internal security controls, and zero trust principles.
Own strategy, design, and delivery of a unified CIAM platform supporting secure, seamless customer identity experiences across all portals, applications, and digital channels.
Oversee capabilities including customer registration, authentication, consent management, identity federation, and profile orchestration.
Ensure secure API identity and access management, including token-based access, client authentication, and integration with internal and external digital ecosystems.
Drive adoption of modern identity standards (OAuth2, OIDC, SAML) and ensure CIAM solutions meet data privacy and regulatory obligations (e.g., GDPR, CCPA).
Define CIAM product KPIs such as onboarding success, authentication performance, customer identity assurance, and support volume metrics.