Job Description

Are you looking to make a difference in a patient\xe2\x80\x99s life? At AmerisourceBergen, you will find an innovative and collaborative culture that is patient focused and dedicated to making a difference. As an organization, we are united in our responsibility to create healthier futures. Join us and Apply today!

What you will be doing

The Information Architect role is responsible for improving application and systems security and will support efforts to minimize the possibility that coding, design, or configuration security vulnerabilities could work their way into production environments, presenting a potential point-of-compromise. The Security Architect will review project documentation, research, and reference security policy, render recommendations and guidance, approve, or reject project artifacts from a security perspective, and perform other tasks in the pursuit of securing systems, processes, and software applications. Responsibilities will include:

Defining security requirements by evaluating business strategies and requirements; researching information security standards

Providing consulting services and security support to internal business and technology customers

Serving as the lead security liaison on assigned projects.

Providing input and recommendations to the development teams related to architecture, design, coding practices and SDLC elements that could potentially impact the application or solution from a security perspective.

Validating controls for Encryption, Access Control, Web Application Vulnerability Detection, OWASP top 10 and other common web application security parameters.

Reviewing application architecture and design from an application and infrastructure security perspective ensuring alignment with organization security standards and industry best practices.

Assisting with the development of secure coding standards

Ensuring that development is done in accordance with industry standards for secure development

Facilitating Periodic static code analysis utilizing existing standard service offering.

Facilitating dynamic and/or manual security testing utilizing existing standard service offering

Reviewing, developing, evaluating, and implementing security plans, products, and control techniques

Reviewing and documenting circumstances surrounding security gaps and defining corrective actions

Maintaining awareness of security and technology trends and shares that knowledge with others

Evangelizing security policies, standards, and nonfunctional requirements where/when needed

Daily and Weekly Status Reporting - for Work in Process and Planned and issues

Documenting processes, procedures, assessment outputs, working papers documentation to support existing SDLC and governance requirements

Representing security and IT risks among other company risk departments and committees.

Evaluating the effectiveness of awareness and training programs and makes recommendations for improvement.

What your background should look like

Bachelor\'s Degree in Computer Science, Information Systems or other related field, or equivalent work experience

10+ or more years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over five years of experience designing and deploying security for Business products and services and Enterprise solutions at the enterprise level.

Proficient communication skills

Preferred Certification in one or more Information Security relevant areas Security Professional (CISSP), Cloud Security (CCSP, CCSK, AZ500), Audit (CISA), Security Management (CISM)

Requires in-depth knowledge of security issues, techniques, and implications across all existing computer platforms.

Requires advanced level knowledge and understanding of architecture, application design, system engineering and integration.

Experience with evaluating and implementing security controls as related to Cloud based services including SaaS, PaaS, IaaS.

Strong computer skills to operate effectively with company systems and programs; working knowledge of applicable computer applications used at ABC

Working knowledge of network solutions and systems

Good analytical and critical thinking skills

Ability to communicate effectively both orally and in writing

Good interpersonal skills

Ability to prioritize workload and consistently meet deadlines

Strong organizational skills; attention to detail

Ability to lead and provide direction to project/product teams

Strong consultative skills: ability to interface effectively with technical and non-technical leaders.

Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.

Demonstrated sound understanding of at least three of the following control frameworks: ISO 27001/27002, HITRUST, PCI, NIST, GDPR and PCI

Business experience in a matrix Organization required

As of August 24, 2021, AmerisourceBergen requires all U.S. team members to be fully vaccinated and show proof of completed vaccine status at time of hire. If you cannot receive the COVID-19 vaccine due to a disability/medical reason or sincerely held religious belief you will be required to follow AmerisourceBergen\xe2\x80\x99s policy and process to apply for an exemption/accommodation.

What AmerisourceBergen offers

We offer a competitive total rewards package which includes benefits and compensation. Our commitment to our eligible population of team members includes benefit programs that are comprehensive, affordable, diverse, and designed to meet the needs of our team members\xe2\x80\x99 and their families. Some of these programs include paid time off including paid parental leave, access to retirement savings vehicles, medical, dental, vision, and life insurance options, an employee stock purchase program, and other financial, health, and well-being focused benefits.

Because we take a balanced, global approach to our benefits, benefit offerings may vary by location, position, and/or business unit. Some benefits are company-paid, while others are available through team member contributions. For details visit .

Schedule

Full time

Salary Range*

$93,500 - 143,990

*This Salary Range reflects a National Average for this job. The actual range may vary based on your locale. Ranges in Colorado/California/Washington State-specific locations may be up to 10% lower than the minimum salary range, and 12% higher than the maximum salary range.

Affiliated Companies: Affiliated Companies: AmerisourceBergen Services Corporation

Equal Employment Opportunity

AmerisourceBergen is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company\xe2\x80\x99s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

AmerisourceBergen is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Bachelor\'s Degree in Computer Science, Information Systems or other related field, or equivalent work experience

10+ or more years of combined IT and security work experience with a broad range of exposure to systems analysis, application development, systems administration and over five years of experience designing and deploying security for Business products and services and Enterprise solutions at the enterprise level.

Proficient communication skills

Preferred Certification in one or more Information Security relevant areas Security Professional (CISSP), Cloud Security (CCSP, CCSK, AZ500), Audit (CISA), Security Management (CISM)

Requires in-depth knowledge of security issues, techniques, and implications across all existing computer platforms.

Requires advanced level knowledge and understanding of architecture, application design, system engineering and integration.

Experience with evaluating and implementing security controls as related to Cloud based services including SaaS, PaaS, IaaS.

Strong computer skills to operate effectively with company systems and programs; working knowledge of applicable computer applications used at ABC

Working knowledge of network solutions and systems

Good analytical and critical thinking skills

Ability to communicate effectively both orally and in writing

Good interpersonal skills

Ability to prioritize workload and consistently meet deadlines

Strong organizational skills; attention to detail

Ability to lead and provide direction to project/product teams

Strong consultative skills: ability to interface effectively with technical and non-technical leaders.

Understands Information Security as it relates to the business and other areas of IT; understands direct impacts and risks.

Demonstrated sound understanding of at least three of the following control frameworks: ISO 27001/27002, HITRUST, PCI, NIST, GDPR and PCI

Business experience in a matrix Organization required

As of August 24, 2021, AmerisourceBergen requires all U.S. team members to be fully vaccinated and show proof of completed vaccine status at time of hire. If you cannot receive the COVID-19 vaccine due to a disability/medical reason or sincerely held religious belief you will be required to follow AmerisourceBergen\xe2\x80\x99s policy and process to apply for an exemption/accommodation.
$93,500 - 143,990

USA > TX > Remote

Salary

0

AmerisourceBergen