Job description

**What Cyber Security contributes to Cardinal Health** Information Security is responsible for managing information security operations. We exist to ensure availability, integrity, and confidentiality of healthcare infrastructure that safeguards the patient. We promote a culture that protects information assets, manages risk, and embeds security in people, process, and technology. • *Job Description** The Sr. Engineer -Threat Operations is responsible for discovering, assessing, and mitigating risks across Cardinal Health's infrastructure, and digital footprint. This role leads tactical efforts and supports strategic initiatives to improve remediation SLA's and reduce the organization's attack surface. Responsibilities include asset discovery, vulnerability analysis, risk mitigation, tool management, collaboration across teams, and reporting on overall vulnerability management posture. • *What is expected of you and others at this level** + High-performing team member related to planning, development, and execution of VM & ASM program initiatives + Execution in alignment with fiscal year goals for Cyber Security, IT, and the business + Applies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities related to attack surface management, vulnerability lifecycle, and digital asset protection + Develops and implements innovative solutions to a wide range of difficult problems + Provides diverse thought and promotes an inclusive environment + Completes work independently; receives general guidance on new projects + May act as a mentor to less experienced colleagues • *Accountabilities in this role** + Continuously discover and maintain an accurate, real-time inventory of all digital assets, including internet-facing systems, cloud environments, and IoT devices + Analyze identified assets for vulnerabilities, misconfigurations, and risks + Collaborate with IT, IoT, platform engineering, and business teams to integrate security into operations and workflows + Recommend and implement standards to reduce the attack surface and prioritize remediation efforts + Utilize and manage VM & ASM tools for asset discovery, vulnerability scanning, and monitoring + Prepare reports and dashboards on VM posture, KPIs, and remediation initiatives + Educate and train IT and network teams on VM and proactive security practices + Drive automation and control improvements to enhance security posture • *Required Qualifications:** + Experience in Engineering/IT Operations, Security Operations, Vulnerability Management, and/or Attack Surface Management in large enterprise environments + Proficiency with security tools and technologies including vulnerability scanners and network monitoring tools + Solid understanding of security protocols, standards, and attack vectors + Knowledge of cloud-native security practices (e.g., AWS, Azure, GCP) and system/application hardening + Strong analytical and problem-solving skills + Excellent communication and collaboration skills + Understanding of common web vulnerabilities (e.g., XSS, SQL Injection) and familiarity with web applications and APIs • *Preferred Qualifications:** + Bachelor's degree in information security, Computer Science, or related field + Familiarity with achieving remediation SLAs, and NIST Control Frameworks + Experience working with Open-Source tools + Experience with SIEM, SOAR, Vulnerability Management, Attack Surface Management tools + Relevant certifications such as CISSP, CCSP, CCSK, GIAC (GCIH, GPEN), Security **Anticipated salary range:** $123,400 - $185,115 • *Bonus eligible:** Yes • *Benefits:** Cardinal Health offers a wide variety of benefits and programs to support health and well-being. + Medical, dental and vision coverage + Paid time off plan + Health savings account (HSA) + 401k savings plan + Access to wages before pay day with myFlexPay + Flexible spending accounts (FSAs) + Short- and long-term disability coverage + Work-Life resources + Paid parental leave + Healthy lifestyle programs • *Application window anticipated to close:** 10/15/2025 *if interested in opportunity, please submit application as soon as possible. The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity. _Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply._ _Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal_ _Opportunity/Affirmative_ _Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law._ _To read and review this privacy notice click_ here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)

Requirements