Cyber Risk Analyst-III (remote)

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

The Cyber Risk Analyst III will play a critical role in supporting the Information Security Risk Management team’s efforts to mature the governance, development, execution, and sustainability of the Third-Party Cyber Risk Assessment program. This fully remote position involves managing the end-to-end process to ensure that Cencora’s third-party risks are properly identified, evaluated, mitigated, and monitored.

1. Collaborate effectively with business owners to gather necessary information for conducting thorough cyber risk assessments on third parties.
2. Work closely with IT and Legal teams to review third-party contracts, ensuring that assessment findings and issues are appropriately documented.
3. Facilitate governance activities to enhance collaboration among Third-Party Risk Management (TPRM) stakeholders on issues management and risk mitigation.
4. Contribute to the design, development, and improvement of TPRM metrics, scorecards, and reports to support performance management, program advancements, and leadership communication.
5. Prepare detailed presentations and reports for stakeholders and senior leadership regarding TPRM program activities and third-party risks.
6. Assess and address change impacts on the business and stakeholders when implementing enhancements to third-party risk management activities.
7. Identify and pursue opportunities to improve the experience of business representatives by streamlining TPRM activities.
8. Manage, mentor, and evaluate junior team members to achieve departmental goals and objectives efficiently and accurately.
9. Perform other related duties as assigned.

• Bachelor’s Degree in Computer Science, Information Technology or related discipline or equivalent experience.

• Certified Cloud Security Professional (CCSP)
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security+ Certification
• Systems Security Certified Practitioner (SSCP)
• TS-SCI Security Clearance Certification

• Four (4) or more years of relevant experience, preferably in information security.

• Critical Thinking
• Detail Oriented
• Impact and Influencing
• Interpersonal Communication
• Multitasking
• Problem Solving

• Application Architecture
• Cybersecurity
• Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)
• IT Risk Management
• Network Solutions and Systems
• Programming and Development
• Root Cause Analysis
• Software Development Life Cycle (SDLC)
• Threat Modelling

• Microsoft Office Suite
• Programming Languages - JavaScript, HTML/CSS, Python, SQL
• Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, VPN, IDS/IPS, Proxies, etc.

We provide compensation, benefits, and resources that support an inclusive culture and your well-being. Our offerings include medical, dental, vision, and a comprehensive suite of wellness programs, support for working families, training, and development opportunities. For details, visit https://www.virtualfairhub.com/cencora.

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status, or membership in any other protected class. We also provide reasonable accommodations for individuals with disabilities during the employment process. To request an accommodation, contact us at 888.692.2272 or hrsc@cencora.com.

Affiliated Companies: AmerisourceBergen Services Corporation