Senior Security Engineer, Data Protection - remote

Cardinal Health
Posted 5 months ago 119,800.00/USD Annually
Remote co

Title: Senior Security Engineer, Data Protection

Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.

Information Security and Risk develops, implements, and enforces security controls to protect the organization’s technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

We currently have a full-time job opening for a Senior Security Engineer on the Data Protection team. This position can be either at our Dublin center or remote.

Job Overview:

The Information Security Engineer of Data Protection will help the team manager at Cardinal Health. This Engineer will support the greater mission of the team and will architect, design, and support technology solutions towards the protection of sensitive data. This will be done by leveraging tools such as Endpoint Data Loss Prevention (DLP), Cloud Access Security Broker (CASB), database monitoring and encryption methodologies (at rest, in transit, masking etc.) and other tools. This engineer will also play a role as the Sensitive Data Management program is developed and continually aligned with the changing business and technological landscape as well as industry evolutions and trends.

Responsibilities include the following:

  • Assist the manager in directing the implementation of data protection detection rules as needed and according to existing change processes.
  • Manage the architectural integrations and design of data protection technologies by working with enterprise security architecture and relevant stakeholders.
  • Provide oversight of DLP policies and configuration of technical tools per process requirements.
  • Partner with the manager to provide expertise to corporate, market segments and IT teams and implement appropriate DLP security and monitoring controls.
  • Collaborate with internal IT and business teams to build and deploy security and monitoring controls for databases.
  • Support event/incident remediation escalations for false positive tuning as needed.
  • Collaborate with the manager to define and then implement team processes and technologies to enable delivery of the roadmap initiatives.
  • Determine current and anticipate future data needs and support the development of security controls in collaboration with the team.
  • Aid in educating data subject matter experts and key business technology and application leaders on data identification, secure handling, storage, and transfer of sensitive data.
  • Support the manager in collaboration across Information Security and Data Analytics teams to aid in the development, growth, and evolution of the Sensitive Data Management Program while advocating for data protection tools and techniques.
  • Assist in the development of processes and tool alignment for data at rest initiatives.

    Qualifications

    • Demonstrated experience with industry DLP, CASB, Database Monitoring &Data Encryption tools and concepts, as well as data protection best practices
    • Demonstrated Information Security understanding and specifically industry best practices for the development of data protection team.
    • One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA, SSCP, etc.
    • Bachelor’s Degree in related field
    • Demonstrated experience in related field preferred.

      What is expected of you and others at this level?

      • Contribution to the development of policies and procedures related to data protection.
      • Assistance on projects tailored and aligned to the NIST growth plan in data protection.
      • Development of technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organizational goals.
      • Support the development of sensitive data processes to improve Cardinal Health enterprise security posture.
      • Assistance towards the implementation of automation and orchestration processes for remediation.
      • Provide support and guidance on new projects and tasks.
      • Make recommendations on new practices, processes, metrics, or models.
      • Mentoring less experienced colleagues

        Anticipated pay range: $119,800, –$171,100 (includes targeted variable pay)

        Bonus eligible: Yes

        Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

        • Medical, dental and vision coverage
        • Paid time off plan
        • Health savings account (HSA)
        • 401k savings plan
        • Access to wages before pay day with myFlexPay
        • Flexible spending accounts (FSAs)
        • Short- and long-term disability coverage
        • Work-Life resources
        • Paid parental leave
        • Healthy lifestyle programs