**What Information Security and Risk contributes to Cardinal Health**

Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.

Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

We currently have a full-time job opening for a Senior Security Engineer on the Data Protection team. This position can be either at our Dublin center or remote.

**Job Overview:**

The Information Security Engineer of Data Protection will help the team manager at Cardinal Health. This Engineer will support the greater mission of the team and will architect, design, and support technology solutions towards the protection of sensitive data. This will be done by leveraging tools such as Endpoint Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), database monitoring and encryption methodologies (at rest, in transit, masking etc.) and other tools. This engineer will also play a role as the Sensitive Data Management program is developed and continually aligned with the changing business and technological landscape as well as industry evolutions and trends.

**Responsibilities include the following:**

Assist the manager in directing the implementation of data protection detection rules as needed and according to existing change processes.

Manage the architectural integrations and design of data protection technologies by working with enterprise security architecture and relevant stakeholders.

Provide oversight of DLP policies and configuration of technical tools per process requirements.

Partner with the manager to provide expertise to corporate, market segments and IT teams and implement appropriate DLP security and monitoring controls.

Collaborate with internal IT and business teams to build and deploy security and monitoring controls for databases.

Support event/incident remediation escalations for false positive tuning as needed.

Collaborate with the manager to define and then implement team processes and technologies to enable delivery of the roadmap initiatives.

Determine current and anticipate future data needs and support the development of security controls in collaboration with the team.

Aid in educating data subject matter experts and key business technology and application leaders on data identification, secure handling, storage, and transfer of sensitive data.

Support the manager in collaboration across Information Security and Data Analytics teams to aid in the development, growth, and evolution of the Sensitive Data Management Program while advocating for data protection tools and techniques.

Assist in the development of processes and tool alignment for data at rest initiatives.

**Qualifications**

Demonstrated experience with industry DLP, CASB, Database Monitoring & Data Encryption tools and concepts, as well as data protection best practices

Demonstrated Information Security understanding and specifically industry best practices for the development of data protection team.

One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA, SSCP, etc.

Bachelors Degree in related field

Demonstrated experience in related field preferred.

**What is expected of you and others at this level?**

Contribution to the development of policies and procedures related to data protection.

Assistance on projects tailored and aligned to the NIST growth plan in data protection.

Development of technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organizational goals.

Support the development of sensitive data processes to improve Cardinal Health enterprise security posture.

Assistance towards the implementation of automation and orchestration processes for remediation.

Provide support and guidance on new projects and tasks.

Make recommendations on new practices, processes, metrics, or models.

Mentoring less experienced colleagues

**Anticipated pay range:** $119,800, - $171,100 (includes targeted variable pay)

**Bonus eligible:** Yes

**Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

Medical, dental and vision coverage

Paid time off plan

Health savings account (HSA)

401k savings plan

Access to wages before pay day with myFlexPay

Flexible spending accounts (FSAs)

Short- and long-term disability coverage

Work-Life resources

Paid parental leave

Healthy lifestyle programs

**Application window anticipated to close:** 7/15/2024 *if interested in opportunity, please submit application as soon as possible.

The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidates geographical location, relevant education, experience and skills and an evaluation of internal pay equity.

_Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._

_Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._

_To read and review this privacy notice click_ here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)