Senior Director – Enterprise Security Architecture
Company: Cencora
Location: Carrollton
Posted on: April 1, 2026
|
|
|
Job Description:
Our team members are at the heart of everything we do. At
Cencora, we are united in our responsibility to create healthier
futures, and every person here is essential to us being able to
deliver on that purpose. If you want to make a difference at the
center of health, come join our innovative company and help us
improve the lives of people and animals everywhere. Apply today!
Job Details Summary: The Senior Director of Enterprise Security
Architecture (ESA) leads the definition, governance, and
enforcement of enterprise-wide security architecture strategy for
the enterprise. This leader is accountable for aligning
cybersecurity architecture with business strategy, digital
transformation, regulatory obligations, and risk appetite. The role
oversees reference architectures, security design standards,
architecture review boards (ARB), security requirements
engineering, and integration with Enterprise Architecture (EA),
Cloud, Data, AI, Infrastructure, and Application domains. This role
is responsible for building strong partnerships with technology
teams, other corporate support functions, and other Information
Security organizations to protect the corporate brand, data, and
assets and is responsible for the design, implementation,
operation, and maintenance of an information security framework,
processes, and systems, that protect the business, services,
information and systems against unauthorized use, disclosure,
modification, damage, and loss. The position partners closely with
the CISO, other Information Security Sr. Leaders, and other
Technology Leadership teams to establish a vision and strategy
required to ensure scalable, measurable, and continuously improving
defense capabilities across all security domains in collaboration
with other information security domain leaders and partner
organizations. Our employee experience is a strategic priority for
our company. Our leaders are accountable for leading with purpose,
fairness, and equity. They are responsible for building and
developing diverse teams, maintaining a safe and inclusive
environment, setting clear priorities, and holding self and team
accountable for executing with excellence. Primary
Responsibilities: Define and maintain the enterprise security
architecture vision and multi-year roadmap. Align security
architecture with corporate strategy, digital transformation, and
technology modernization initiatives. Establish target-state
architectures incorporating Zero Trust principles in collaboration
with other Information Security and Technology leaders. Translate
risk appetite into enforceable architectural guardrails. Develop
and maintain standardized reference architectures for: Cloud and
hybrid infrastructure Identity & Access Management Data protection
and privacy Network segmentation Application security AI/GenAI
security OT/IoT (in partnership with OT sr. cybersecurity
leadership) Additional Responsibilities: Ensure security-by-design
integration into SDLC and platform engineering models. Govern
architecture artifacts across global business units. Chair or
co-chair the Security Architecture Review Board (SARB). Define
security architecture review processes and risk exception
workflows. Establish measurable design assurance criteria. Partner
with Enterprise Architecture for integrated technology governance.
Translate regulatory and risk requirements into technical control
standards. Ensure compliance with global regulatory regimes (e.g.,
HIPAA, GDPR, SOX, FDA/GxP where applicable). Maintain or enforce
enterprise security standards library mapped to NIST, ISO, SOC 2,
PCI, HIPAA, GDPR, etc. Enable reusable security requirement models
for programs and projects. Drive automation of control validation
and policy-as-code enforcement. Support regulatory readiness across
global jurisdictions. Ensure architecture supports data residency
and sovereignty obligations. Collaborate with Legal, Privacy, and
Compliance on emerging regulatory impacts. Provide defensible
architecture documentation for audit and regulatory review. Lead
security architecture assessments for acquisitions. Define
integration and divestiture security blueprints. Support
large-scale ERP, digital, AI, and cloud transformation programs.
Establish rapid risk assessment models for new technologies.
Establish KPIs, OKRs, and performance dashboards. Track control
design effectiveness and systemic risk reduction. Integrate
architecture insights with cyber analytics programs. Report
enterprise architecture risk posture to executive leadership. Lead
global team of security domain architects. Define operating model
across centralized and federated teams. Establish architecture
career paths and technical competency frameworks. Enterprise
financial management and planning experience. Qualifications :
Education : Master’s Degree in Business Administration, Computer
Science, Information Technology or any other related discipline or
equivalent related experience. Preferred Certifications: Certified
Cloud Security Professional (CCSP) Certified Information Systems
Security Professional (CISSP) Sherwood Applied Business Security
Architecture (SABSA) Open Group Architecture Framework (TOGAF)
Certified in Risk and Information Systems Control (CRISC)
Certification in Information Security Strategy Management (CISM)
Microsoft Certified: Cybersecurity Architect Expert (SC-100)
Information Technology Infrastructure Library (ITIL) Offensive
Security Certified Professional (OSCP) Project Management
Professional (PMP) Certification WORK EXPERIENCE: 12 years of
directly-related or relevant experience with 8 years in a
managerial capacity, preferably in information security. SKILLS &
KNOWLEDGE: Behavioral Skills: Coaching and Mentoring Creativity &
Innovation Decision Making Leadership Skills People Management
Planning Risk-taking Technical Skills: IT Risk Management IT
Controls Cyber Attack Mitigation Enterprise IT Management Cloud
Security Network Security Identity & Access Management Application
Security Service Level Maintenance Information Security Strategy
Continuity Threat Modelling Information Security Strategy Standards
(SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI) Tools Knowledge:
Security Tools – CSPM, CWPP, CDR, CNAPP, SIEM, EDR, Email Security
Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV,
proxies, etc. Security Testing Tools - Open Source and COTS
security tools Threat Intelligence Tools Vulnerability Testing
Tools What Cencora offers We provide compensation, benefits, and
resources that enable a highly inclusive culture and support our
team members’ ability to live with purpose every day. In addition
to traditional offerings like medical, dental, and vision care, we
also provide a comprehensive suite of benefits that focus on the
physical, emotional, financial, and social aspects of wellness.
This encompasses support for working families, which may include
backup dependent care, adoption assistance, infertility coverage,
family building support, behavioral health solutions, paid parental
leave, and paid caregiver leave. To encourage your personal growth,
we also offer a variety of training programs, professional
development resources, and opportunities to participate in
mentorship programs, employee resource groups, volunteer
activities, and much more. For details, visit
https://www.virtualfairhub.com/cencora Full time Equal Employment
Opportunity Cencora is committed to providing equal employment
opportunity without regard to race, color, religion, sex, sexual
orientation, gender identity, genetic information, national origin,
age, disability, veteran status or membership in any other class
protected by federal, state or local law. The company’s continued
success depends on the full and effective utilization of qualified
individuals. Therefore, harassment is prohibited and all matters
related to recruiting, training, compensation, benefits, promotions
and transfers comply with equal opportunity principles and are
non-discriminatory. Cencora is committed to providing reasonable
accommodations to individuals with disabilities during the
employment process which are consistent with legal requirements. If
you wish to request an accommodation while seeking employment,
please call 888.692.2272 or email hrsc@cencora.com . We will make
accommodation determinations on a request-by-request basis.
Messages and emails regarding anything other than accommodations
requests will not be returned Affiliated Companies Affiliated
Companies: AmerisourceBergen Services Corporation
Keywords: Cencora, Fort Worth , Senior Director – Enterprise Security Architecture, IT / Software / Systems , Carrollton, Texas
