We Hire America Jobs

Mobile We Hire America Logo
WeHireAmerica.jobs is a service of HR Policy Foundation and DirectEmployers Association. These two non-profit organizations are providing this free resource to help educators, policy makers and job seekers understand the great employment opportunities available here in the U.S. at some of America's biggest and best companies.

Job Information

Cardinal Health Senior Information Security & Risk Engineer - CAH at-Home in Ohio

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

Cardinal Health’s Information Security team is on a tremendous growth journey adding several new team members in our Cyber Threat Operations Center, IT Risk and Compliance, and Security Architecture teams. We aim to be a world-class cybersecurity and risk management organization that enables Cardinal Health to be healthcare’s most trusted partner. We are a remote-first team and are excited to offer full-time remote opportunities.

We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented team members who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere. We currently have a full-time career opening within Information Security to support the growth of Cardinal Health at-Home.

Functional Overview

The Senior Information Security & Risk Engineer is a new capability for Cardinal Health and will be executed by Product Security Officer team. The primary goal of this position is to ensure delivery of best-in-class cybersecurity, risk management, and compliance for Cardinal Health at-Home, a market-leading medical supplies provider serving people with chronic and serious health conditions in the United States. It services more than 4 million customers per year through two distinct businesses:


Job Overview

The Senior Information Security & Risk Engineer will be responsible for day-to-day activities in implementing the corporate information security and compliance program. The individual will be a front-line partner to technical teams and work across the organization to deliver security and compliance initiatives aligning to corporate policies, standards, procedures and audit activities. Success in the role will be measured by the effectiveness of the implementation of information security, risk management and compliance directives.

This role is a senior position within the team and will work with various IT and business teams to drive both information security and compliance initiatives. The individual will perform internal and external security compliance monitoring activities, manage client audits, IT control audits, architecture reviews, threat modeling, security risk assessments and will assist in the management of compliance activities such as NIST, HIPAA, SOC 2, FedRAMP, PCI, ISO27001, HITRUST and SOX. Good interpersonal and relationship building skills are essential for success.

Job Responsibilities Include:
  • Maintain governance program that ensures that the security policies, standards and process are in place
  • Ensure healthcare information security best practices and HIPAA compliance utilizing HITRUST CSF
  • Serve as liaison to other Cardinal Health teams to ensure knowledge share and best practices
  • Partner with the engineering, architecture and operations teams to ensure delivery of infrastructure design and threat models which prove security requirements
  • Monitor security trends and drive security best practices throughout the organization
  • Evaluate, design, test, and recommend new or improved controls
  • Work with third party firms and consultants to conduct independent security audits, vulnerability scans, and penetration tests
  • Investigate, drive resolution and document security incidents


  • Bachelors Degree in related field, or equivalent work experience leading cybersecurity or information security initiatives
  • Have 5+ years information security related work experience, preferably within the healthcare industry
  • Experience in vulnerability management programs, vulnerability assessments and advanced understanding of risk management
  • Familiarity with at least one common programming language, software development pipelines, and system lifecycles
  • Familiarity with security frameworks and assessments such as HIPAA/HITECH, ISO, ITIL, NIST, PCI DSS, & SOX
  • Expertise in common security vulnerabilities like OWASP Top 10
  • Experience advising and mentoring diverse teams where you do not have direct authority
  • Strong written and verbal communication skills

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

To read and review this privacy notice click here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)

We are a team of nearly 48,000 mission-driven partners striving each day to advance healthcare and improve lives. We are Essential to care.

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a distributor of pharmaceuticals, a global manufacturer and distributor of medical and laboratory products, and a provider of performance and data solutions for health care facilities

We are a crucial link between the clinical and operational sides of care, working with more than 4,500 sourcing and manufacturing partners to deliver end-to-end solutions and data-driven insights that advance healthcare and improve lives every day. With deep partnerships, diverse perspectives and innovative digital solutions, we build connections across the continuum of care.

With 50 years of experience, approximately 44,000 employees and operations in more than 30 countries, Cardinal Health seizes the opportunity to address healthcare’s most complicated challenges — now, and in the future.

On Thursday, Jan. 7, 2021, we celebrated the day our founder, Bob Walter, had the vision to start a business that became known as Cardinal Health.

One of the most important ways we celebrated was by giving back to the communities where we live and work. 2021 was a "Year of Service” for all Cardinal Health employees around the world.

View Cardinal Health on YouTube (http://youtube.com/user/CardinalHealth)

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.