Director - Cyber Incident Response at Cencora
Pune, Maharashtra, India
Full Time


Start Date

Immediate

Expiry Date

29 Mar, 26

Salary

0.0

Posted On

29 Dec, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Incident Response, SOC Operations, Security Tooling, Team Leadership, Threat Intelligence, Vulnerability Management, Forensics, Insider Threat, Communication Skills, Regulatory Compliance, Continuous Improvement, Cybersecurity, Performance Management, Incident Detection, Analysis, Containment

Industry

Hospitals and Health Care

Description
Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!

Job Details

Cyber Incident Response Director – Pune, India

Position Summary

The Cyber Incident Response Director will play a key role in building and leading the Security Operations Center (SOC) in Pune, India. This role is responsible for managing day-to-day incident response operations, coordinating investigations, and driving continuous improvements to detection and response capabilities. The Director will collaborate with global cyber defense teams to ensure timely containment, investigation, and remediation of security incidents. This position requires strong technical expertise in incident response, SOC operations, and security tooling, combined with leadership skills to grow and develop a high-performing team in India.

Primary Duties and Responsibilities

- Build, lead and manage the SOC team in Pune, including hiring, training, mentoring, and performance management of analysts and responders.
- Oversee daily incident detection, analysis, containment, eradication, and recovery efforts.
- Serve as the escalation point for high-priority or complex cyber incidents, ensuring timely response and communication to global stakeholders.
- Develop and maintain incident response playbooks, runbooks, and standard operating procedures.
- Partner with global SOC teams to align processes, technology, and reporting standards.
- Collaborate with threat intelligence, vulnerability management, forensics, and insider threat teams to drive a unified defense strategy.
- Manage relationships with key stakeholders in IT, Legal, Compliance, and Corporate Security during incident investigations.
- Provide executive-level reporting and updates on incident trends, SOC performance metrics, and operational risks.
- Ensure incident response activities comply with global regulatory and organizational requirements.
- Drive continuous improvement of detection rules, automation, and response workflows in the SOC.

Education and Qualifications

- Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related discipline required; Master’s degree preferred.
- Strong knowledge of incident response methodology, SOC operations, and security frameworks (e.g., NIST, MITRE ATT&CK).
- Familiarity with global privacy and compliance requirements relevant to incident handling.

Preferred Certifications

- GIAC Certified Incident Handler (GCIH)
- GIAC Certified Intrusion Analyst (GCIA)
- GIAC Certified Forensic Analyst (GCFA)
- Certified Ethical Hacker (CEH)
- Certified Information Systems Security Professional (CISSP)

Work Experience

- 10–15 years of progressive experience in cybersecurity, with at least 5 years focused on SOC operations or incident response.
- Minimum of 5 years in a people management role, leading incident response or SOC analyst teams.
- Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, Microsoft Defender, etc.).
- Proven experience responding to advanced threats, ransomware, phishing campaigns, and insider incidents.
- Demonstrated success in building or scaling SOC teams in a global enterprise environment.
- Strong communication skills, with the ability to brief technical and non-technical stakeholders during incidents.

What Cencora offers

Benefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements.

Full time

Affiliated Companies: AmerisourceBergen Services Corporation

Equal Employment Opportunity

Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.

The company’s continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.

Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email hrsc@cencora.com. We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned.

Cencora is a leading global pharmaceutical solutions company that is committed to improving the lives of people and animals everywhere. We connect manufacturers, providers, and patients to ensure that anyone can get the therapies they need, where and when they need them. We’re a purpose-driven organization, where all of our team members around the world are united in our responsibility to create healthier futures. We work together every day to help our partners bring their innovations to patients worldwide, creating unparalleled access and impact at the center of health.

Recruitment scams are on the rise and the intent is to target individuals looking for employment opportunities. To protect yourself, we urge you to be vigilant and follow these guidelines.

1.) Research the Company: Thoroughly research any company before applying or sharing personal information, check their website, read reviews, and verify their legitimacy.
2.) Be Wary of Unrealistic Promises: Exercise caution if a job posting offers high salaries and minimal qualifications. Legitimate jobs will have realistic expectations and provide detailed job requirements. Jobs at Cencora can be found on Cencora.com/careers
3.) Guard Your Personal Information: Only share sensitive information after vetting the employer’s credibility. Avoid sharing your Social Security number, bank account details, or identification documents during the application process. Cencora does not request this information as part of the employment application.
4.) Avoid Upfront Payments: Legitimate employers do not require payment during the hiring process. Be suspicious if you are asked to pay for training materials, processing fees, or background checks before securing a job offer. Cencora will never ask you for payment information during the hiring or onboarding process.
5.) Verify Communication Channels: Scammers often use free email services or chat platforms without providing official company contact information. Cencora recruiters will have an email address ending in @cencora.com, @alliance-healthcare.net, @alliance-healthcare.co.uk, alliance-healthcare.fr or alliance-healthcare.ro

Remember to stay vigilant and informed about common scam tactics to reduce the risk of falling victim to fraudulent employment schemes. If you believe you have encountered a job scam posing as a Cencora opportunity, please report it immediately to: GlobalTalentAcquisition@Cencora.com
Responsibilities
The Cyber Incident Response Director will build and lead the SOC team, manage incident response operations, and ensure timely containment and remediation of security incidents. This role also involves developing incident response playbooks and collaborating with global teams to enhance security measures.