Cardinal Health Senior Cybersecurity Engineer - Remote in Pennsylvania
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
Cardinal Health’s Information Security team is on a tremendous growth journey, adding a number of new team members in our Cyber Threat Operations Center (CTOC), IT Risk and Compliance, and Security Architecture teams. We aim to be a world-class cybersecurity and risk management organization that enables Cardinal Health to be healthcare’s most trusted partner.
We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented team members who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere.
We currently have a career opening for a Senior Cybersecurity Engineer. We are a remote-first team with the majority of team members working 100% remotely. We are open to team members who live anywhere within the United States.
This is a pivotal Team Lead level role in the CTOC at Cardinal Health. This person is responsible for the CTOC’s visibility into Cardinal Health’s network, infrastructure, and applications and ensuring our operations team can quickly identify and respond to threats and incidents. The ideal candidate’s unique blend of Incident Response experience and collaborative team building skills will help influence and drive cybersecurity strategy and future roadmap initiatives.
- Next Gen endpoint cyber security related to workstations and servers (on-prem and cloud)
- Incident response case management and automation (SOAR) – phishing campaign, use case, alerts and EDR detection triage
- Utilize SIEM technologies to enhance the CTOC.
- Cyber Kill Chain/MITRE ATT&CK frameworks execution and development
- Network and host-based firewall utilization and enhancements
- Execute Incident Response use case, playbook and documentation efforts – enhancements and net new
- Agile methodology, sprint planning and daily scrum meetings
- Participate in a structured, valuable and comprehensive cyber security training program
Opportunity to design and execute several program developments with the help of team members
Strategic – Tactical – Operational approach
- IOT/OT Incident Response
- Threat hunting
- Post-incident response
- Assist with the development of a Threat intel / Vulnerability Management program from a Cyber Threat Operations Center – Incident Response perspective
- Acts as a leader and mentor to less experienced team members
- Be a leader of a team culture which is collaborative, fun and hardworking
- Ability to identify problems, gather the team to develop solutions and drive them to completion
- Apply comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects related to incident response
- Works on complex projects of large scope domestically and internationally
- Develops technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organizational goals
- Completes work independently; receives general guidance on new projects and tasks
- Present data findings and influence organizational partners at multiple levels in the organization.
- Establish strong reporting metrics to support the program and influence behaviors
- Act as liaison with solution owners and IT groups to ensure alignment of our strategy
- Advanced experience with cyber security toolsets; specifically, Incident Response and Threat Hunting.
- CompTIA CySA+ or equivalent certifications preferred, but not required
- Strong analytical, collaborative, problem solving, organizational and planning skills
- Strong software development and scripting skills including, but not limited to, PowerShell, Python and API implementations
For any onsite, non-remote employees
A Covid-19 vaccination is required in order to be employed in this position. This includes either:
- 2 doses of the Moderna or Pfizer vaccine
- 1 dose of the Johnson & Johnson vaccine
Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
To read and review this privacy notice click here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.