Job Description

Our team members are at the heart of everything we do. At Cencora, we are united in our responsibility to create healthier futures, and every person here is essential to us being able to deliver on that purpose. If you want to make a difference at the center of health, come join our innovative company and help us improve the lives of people and animals everywhere. Apply today!
Job Details
Cyber Incident Response Director - Pune, India
Position Summary
The Cyber Incident Response Director will play a key role in building and leading the Security Operations Center (SOC) in Pune, India. This role is responsible for managing day-to-day incident response operations, coordinating investigations, and driving continuous improvements to detection and response capabilities. The Director will collaborate with global cyber defense teams to ensure timely containment, investigation, and remediation of security incidents. This position requires strong technical expertise in incident response, SOC operations, and security tooling, combined with leadership skills to grow and develop a high-performing team in India.
Primary Duties and Responsibilities
Build, lead and manage the SOC team in Pune, including hiring, training, mentoring, and performance management of analysts and responders.
Oversee daily incident detection, analysis, containment, eradication, and recovery efforts.
Serve as the escalation point for high-priority or complex cyber incidents, ensuring timely response and communication to global stakeholders.
Develop and maintain incident response playbooks, runbooks, and standard operating procedures.
Partner with global SOC teams to align processes, technology, and reporting standards.
Collaborate with threat intelligence, vulnerability management, forensics, and insider threat teams to drive a unified defense strategy.
Manage relationships with key stakeholders in IT, Legal, Compliance, and Corporate Security during incident investigations.
Provide executive-level reporting and updates on incident trends, SOC performance metrics, and operational risks.
Ensure incident response activities comply with global regulatory and organizational requirements.
Drive continuous improvement of detection rules, automation, and response workflows in the SOC.
Education and Qualifications
Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related discipline required; Master's degree preferred.
Strong knowledge of incident response methodology, SOC operations, and security frameworks (e.g., NIST, MITRE ATT&CK).
Familiarity with global privacy and compliance requirements relevant to incident handling.
Preferred Certifications
GIAC Certified Incident Handler (GCIH)
GIAC Certified Intrusion Analyst (GCIA)
GIAC Certified Forensic Analyst (GCFA)
Certified Ethical Hacker (CEH)
Certified Information Systems Security Professional (CISSP)
Work Experience
10-15 years of progressive experience in cybersecurity, with at least 5 years focused on SOC operations or incident response.
Minimum of 5 years in a people management role, leading incident response or SOC analyst teams.
Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, Microsoft Defender, etc)
Proven experience responding to advanced threats, ransomware, phishing campaigns, and insider incidents.
Demonstrated success in building or scaling SOC teams in a global enterprise environment.
Strong communication skills, with the ability to brief technical and non-technical stakeholders during incidents.
.

• 10-15 years of progressive experience in cybersecurity, with at least 5 years focused on SOC operations or incident response.
• Minimum of 5 years in a people management role, leading incident response or SOC analyst teams.
• Hands-on experience with SIEM, EDR, SOAR, and forensic tools (e.g., Splunk, CrowdStrike, Microsoft Defender, etc)
• Proven experience responding to advanced threats, ransomware, phishing campaigns, and insider incidents.
• Demonstrated success in building or scaling SOC teams in a global enterprise environment.
• Strong communication skills, with the ability to brief technical and non-technical stakeholders during incidents.

What Cencora offers
?Benefit offerings outside the US may vary by country and will be aligned to local market practice. The eligibility and effective date may differ for some benefits and for team members covered under collective bargaining agreements.
Full time
Affiliated Companies Affiliated Companies: AmerisourceBergen Services Corporation
Equal Employment Opportunity
Cencora is committed to providing equal employment opportunity without regard to race, color, religion, sex, sexual orientation, gender identity, genetic information, national origin, age, disability, veteran status or membership in any other class protected by federal, state or local law.
The company's continued success depends on the full and effective utilization of qualified individuals. Therefore, harassment is prohibited and all matters related to recruiting, training, compensation, benefits, promotions and transfers comply with equal opportunity principles and are non-discriminatory.
Cencora is committed to providing reasonable accommodations to individuals with disabilities during the employment process which are consistent with legal requirements. If you wish to request an accommodation while seeking employment, please call 888.692.2272 or email . We will make accommodation determinations on a request-by-request basis. Messages and emails regarding anything other than accommodations requests will not be returned

Skills Required