Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Summary:
Reporting to Sr Director of US Supply Chain Solutions, the Senior Manager of Supply Chain Cyber Resiliency will be the primary architect of Cencora's supply chain system cyber "bounce-back" capability. In an era of increasing digital complexity and sophisticated threats, the role will lead the planning and execution of a holistic strategy designed to ensure our supply chain technology and systems remain robust, compliant, and recoverable.
The role isn't just managing backups; they are ensuring that if the worst happens, our business doesn't stop. This critical role will sit at the intersection ofCybersecurity,Business Continuity, and GDATS Supply Chain Systems, owning the end-to-end resiliency lifecycle from vulnerability mitigation to immutable data recovery.
Key Responsibilities:
Vulnerability & Cyber Risk Management
Identify, assess, and prioritize cyber risks specific to the supply chain ecosystem (including third-party vendors and OT environments).
Collaborate with security teams, vendors and application owners to ensure proactive patching and threat modeling are integrated into supply chain operations.
Drive a proactive vulnerability management lifecycle specifically for supply chain systems (WMS, TMS, ERP), ensuring that critical security patches are prioritized based on business risk rather than just severity scores.
Collaborate with vendors and Business Risk Management teams to evaluate the cybersecurity posture of upstream and downstream partners, ensuring that third-party vulnerabilities do not become a "backdoor" into our internal ecosystem.
Business Resiliency & Impact Analysis (BIA)
Facilitate comprehensiveBusiness Impact Analyses (BIA)across all supply chain business units to map out interdependencies, Recovery Time Objectives (RTOs), and Recovery Point Objectives (RPOs).
Design end-to-endResiliency Plansthat provide "manual workaround" procedures for logistics and warehouse teams during digital outages, ensuring physical operations can continue while systems are restored.
Establish a cadence for plan reviews and tabletop exercises to ensure that resiliency playbooks evolve alongside the business's expanding digital footprint.
Disaster Recovery (DR) & Cyber Resiliency Program
Design, implement, and test a comprehensiveDisaster Recoveryframework tailored to global supply chain logistics.
Shift the focus from traditional DR toCyber Resiliency, ensuring systems can withstand and recover from active, malicious cyber-attacks (e.g., ransomware).
ServiceNow CMDB Coordination
Work with the functional owner of theServiceNow CMDBfor the supply chain domain.
Ensure high data integrity and "single source of truth" visibility into assets, dependencies, and configurations to facilitate rapid incident response.
Lead a rigorous, multi-tiered testing program, ranging from component-level failovers to full-scale regional DR drills, documenting gaps and driving remediation efforts to closure.
Partner with the Incident Response teams to ensure that DR execution is seamlessly integrated into the broader cyber incident response plan.
Other areas of responsibility
Manages cyber remediation programs with cross-functional teams and vendors to provide support to supply chain application security programs, inclusive of remediation strategies and efforts to protect infrastructure and 3rd party application vulnerabilities
Oversees the planning, execution, and management of cyber planning activities and engagements related to functional area of responsibility.
Develops key critical reports to be presented on vulnerabilities to stakeholders and serves as a subject matter expert (SME) for various cyber programs
Advises strategic and tactical direction and consultation on security initiatives and provides support and collaboration to ensure organizational objectives are met
Develops, refines and implements enterprise-wide security policies, procedures, and standards across multiple platform and application environments to meet internal and external compliance responsibilities
Supports documentation and tracking of policies, procedures, standards and system configurations and recommends and implements changes as necessary
Participates in goals/KPIs setting, budget creation and performance management of USSC Security Strategy team
Leads team in validating and evidence gathering for escalated security incidents and identifies root cause for application and/or network-related security issues and advises on remediation options
Contributes to the review of internal processes and activities and assists in identifying potential opportunities for improvement and further automation
Provides technical/management leadership on assignments and acts as a SME; provides technical and business process responses during training as required
Ensures technical and business alignment with other team members or departments including information security project design, implementation or monitoring, research and development on new processes and procedures for best practices
Coordinates, organizes and reports on application development, and infrastructure implementation and maintenance of various security initiatives
Leads the strategy, design, engineering and implementation of robust security strategies, frameworks, platforms, and solutions
Provides vision and leadership for the organization's overall cybersecurity... For full info follow application link.
Equal Opportunity Employer/Minority/Female/Disability/Veteran
