WHAT INFORMATION SECURITY AND RISK CONTRIBUTES TO CARDINAL HEALTH

Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.
Information Security and Risk develops, implements, and enforces security controls to protect the organization’s technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
We currently have a full-time job opening for an Experienced Engineer on the Data Protection team. This position can be either at our Dublin center or remote.

DESIRED QUALIFICATIONS

• Prior experience with industry tools, especially CASB and email encryption technologies.
• Prior experience leveraging/configuring XSOAR solutions towards event and incident remediation in DLP.
• Prior exposure and usage of GCP-native security controls.
• Proficient with query development and understanding of SIEM solutions.
• Solid understanding of Zero Trust principles and best practices relating to the data pillar.
• Demonstrated Information Security understanding and specifically industry best practices for the development of data protection processes.
• One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA, SSCP or similar
• Bachelor’s Degree in related field or equivalent work experience
• At least 6-8 years of experience working with data protection technologies preferred.

• Assist in the design and support of data protection technology advancements/developments.
• Assist fellow engineers in supporting GCP Big Query initiatives inclusive of scan configurations and reporting in GCP.
• Manage policies and configuration of data protection technology rule sets per program requirements and leadership requests.
• Help drive CASB integrations and the overall advancement of company data at rest initiatives in relevant environments and applications.
• Partner with the manager and technical lead to provide security expertise to corporate, market segments and IT teams
• Provide consultation and implement appropriate DLP security and monitoring controls in support of relevant M&A activities and Zero Trust discussions.
• Take a central role in defining and then implementing requested security controls to enable delivery of the Data protection road map initiatives.
• Support the technical lead and manager in collaboration across Information Security, Data governance and business units to aid in the development, growth, and evolution of our security culture.
• Participate in relevant/daily DLP event remediation activities and help drive automated tasks of relevant DLP detections in collaboration with analysts.
• Participate in corporate policy updates and developments.
• Take an active role in supporting relevant POC efforts for new technologies