What Cyber Security contributes to Cardinal Health

Information Security is responsible for managing information security operations. We exist to ensure availability, integrity, and confidentiality of healthcare infrastructure that safeguards the patient. We promote a culture that protects information assets, manages risk, and embeds security in people, process, and technology.

Job Description

The Sr. Engineer –Threat Operations is responsible for discovering, assessing, and mitigating risks across Cardinal Health’s infrastructure, and digital footprint. This role leads tactical efforts and supports strategic initiatives to improve remediation SLA’s and reduce the organization’s attack surface. Responsibilities include asset discovery, vulnerability analysis, risk mitigation, tool management, collaboration across teams, and reporting on overall vulnerability management posture.

What is expected of you and others at this level

High-performing team member related to planning, development, and execution of VM & ASM program initiativesExecution in alignment with fiscal year goals for Cyber Security, IT, and the businessApplies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities related to attack surface management, vulnerability lifecycle, and digital asset protectionDevelops and implements innovative solutions to a wide range of difficult problemsProvides diverse thought and promotes an inclusive environmentCompletes work independently; receives general guidance on new projectsMay act as a mentor to less experienced colleagues

Accountabilities in this role

Continuously discover and maintain an accurate, real-time inventory of all digital assets, including internet-facing systems, cloud environments, and IoT devicesAnalyze identified assets for vulnerabilities, misconfigurations, and risksCollaborate with IT, IoT, platform engineering, and business teams to integrate security into operations and workflowsRecommend and implement standards to reduce the attack surface and prioritize remediation effortsUtilize and manage VM & ASM tools for asset discovery, vulnerability scanning, and monitoringPrepare reports and dashboards on VM posture, KPIs, and remediation initiativesEducate and train IT and network teams on VM and proactive security practicesDrive automation and control improvements to enhance security posture

Required Qualifications:

Experience in Engineering/IT Operations, Security Operations, Vulnerability Management, and/or Attack Surface Management in large enterprise environmentsProficiency with security tools and technologies including vulnerability scanners and network monitoring toolsSolid understanding of security protocols, standards, and attack vectorsKnowledge of cloud-native security practices (e.g., AWS, Azure, GCP) and system/application hardeningStrong analytical and problem-solving skillsExcellent communication and collaboration skillsUnderstanding of common web vulnerabilities (e.g., XSS, SQL Injection) and familiarity with web applications and APIs

Preferred Qualifications:

Bachelor’s degree in information security, Computer Science, or related fieldFamiliarity with achieving remediation SLAs, and NIST Control FrameworksExperience working with Open-Source toolsExperience with SIEM, SOAR, Vulnerability Management, Attack Surface Management toolsRelevant certifications such as CISSP, CCSP, CCSK, GIAC (GCIH, GPEN), Security+

Anticipated salary range: $123,400 - $185,115

Bonus eligible: Yes

Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

Medical, dental and vision coveragePaid time off planHealth savings account (HSA)401k savings planAccess to wages before pay day with myFlexPayFlexible spending accounts (FSAs)Short- and long-term disability coverageWork-Life resourcesPaid parental leaveHealthy lifestyle programs

Application window anticipated to close: 10/15/2025 *if interested in opportunity, please submit application as soon as possible.

The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

To read and review this privacy notice click here