Senior Engineer, Information Security - Project Engagement Job
Job Description Job Attributes+
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
Cardinal Health’s Information Security team aims to be a world-class cybersecurity and risk management organization that enables Cardinal Health to be healthcare’s most trusted partner. We define solutions that balance information security requirements against business needs. We are a remote-first team and are excited to offer full-time remote opportunities.
We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empower talented team members who mentor and uplift others, be led by leaders with a critical focus on employee development and well-being, provide dedicated training programs with a fun and collaborative atmosphere.
The Project Engagement team is established within the Information Security and Risk organization and is organized alongside the Business Information Security Officer (BISO) team. Despite being organized into one team, the Project Engagement members are expected to create strong working relationships across the Information Security Department, Project Management teams, and the Global Technology Business Support (GTBS) Department.
We currently have a full-time career opening within the Information Security team to provide Information Security assessments and support to the project teams. This Senior Engineer will mature the project intake process and the project engagement lifecycle of the Information Security Department. They will provide visibility into security requirements, resource demands, and ensure security controls are implemented. Key responsibilities include:
· Develop and implement the onboarding and intake process for Information Security Projects
· Document and Update the Project Engagement Lifecycle.
· Incorporate a continuous feedback loop to continue to revise and improve Information Security Project Engagement.
· Partner with Information Security team, the project management office, and the Global Technology Business Support Organization to ensure proper ongoing project support.
· Ensure that security controls are being addressed and implemented in accordance with the project plan.
· Serve as a technical security advisor for all projects. This requires knowledge in Security Architecture, Privacy, Data Security, Regulatory Requirements, Resiliency, Application Security, Contract & Policy Considerations, Access Requirements, and other security considerations that must be addressed during project onboarding and planning.
· Provide visibility to Senior Leaders for all upcoming and ongoing projects.
· Effectively communicate resource requirement and context to security subject matter experts.
· Assist in prioritizing information security initiatives
· Firmly established strong communication and partnership skills
· Must be able to track and manage multiple initiatives simultaneously
· Highly organized and task oriented
· Strong, comprehensive understanding of information security concepts
· Knowledge of IT security e.g., systems, methodologies, technologies, architectures, practices, policies, working knowledge of security frameworks (NIST Cyber Security Framework preferred).
· Proven understanding of a project lifecycle and project management styles
· Experience working with cross-functional teams to accomplish common goals
· Ability to influence without authority
· Must be a team player and partner
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.