Senior Analyst, Information Security & Risk
OH-Ohio-FIELD
Full Time Senior-level / Expert USD 78K - 111K
Cardinal Health
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
Cardinal Health’s Information Security team is on a tremendous growth journey, adding a number of new team members in our Cyber Threat Operations Center (CTOC), IT Risk and Compliance, and Security Architecture teams. We aim to be a world-class cybersecurity and risk management organization that enables Cardinal Health to be healthcare’s most trusted partner.
We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented team members who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere.
We currently have a career opening for a Cyber Security Analyst.
Cyber Threat Operations Center (CTOC) Overview
This is a pivotal role in the Cyber Threat Operations Center (CTOC) at Cardinal Health. This person is responsible for the CTOC’s visibility into Cardinal’s network, infrastructure, and applications, and for ensuring our operations team can quickly identify and respond to threats. The ideal candidate’s unique blend of platform engineering and data science skills will help influence cybersecurity strategy and future roadmap initiatives.
We exist to ensure availability, integrity and confidentiality of healthcare infrastructure that safeguards the patient.
We promote a culture that protects information assets, manages risk and embeds security in people, process and technology.
Defines solutions that balance information security requirements against business needs.
Investigates and resolves security incidents and recommends enhancements to improve security.
Responsibilities include but are not limited to:
- Experience with Security tools and techniques used by Cybersecurity teams
- Experience with Incident Management and response activities across the incident response life cycle
- Experience identifying, capturing, containing, and reporting malware.
- SIEM technologies and utilization within a cyber security environment
- Cyber Kill Chain/Mitre ATT&CK frameworks and application within a cyber security command center
- Knowledge of how data is collected and analyzed from a variety of tools and sources
- Knowledge of cyber threats and vulnerabilities.
- Knowledge of incident categories, incident responses, and timelines for responses.
- Ability to identify, detect, respond and mitigate sophisticated threats in the environment
- Endpoints (laptop/desktop/server) related to cyber security
- Incident response case management and automation (SOAR)
- Incident Response toolsets and specifically phishing group mailbox support
- Logging/monitoring solutions and implementations
- Apply comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects related to incident response
- Works on complex projects of large scope domestically and internationally
- Provide an organized and risk-based approach to remediation of sensitive assets in the enterprise
- Present data findings and influence organizational partners at multiple levels in the organization.
- Establish strong reporting metrics to support the program and influence behaviors.
- Act as liaison with solution owners and IT groups to ensure alignment of our strategy.
Basic Qualifications
- General exposure to cyber security and Incident Response toolsets.
- Strong analytical, collaborative, problem solving, organizational and planning skills.
- 2+ years experience in related field.
- Strong written and oral interpersonal skills.
- Bachelor's in related field or equivalent work experience
Preferred Qualifications:
- Experience performing Digital forensics.
- Linux/Unix OS, Windows and Mac administration skills
- Knowledge of Cloud platforms including GCP, AWS or Azure.
- Proven experience with the Cyber Kill Chain, EDR, SIEM and MITRE ATT&CK framework.
Anticipated salary range: $78,100 - $111,500
Bonus eligible: No
Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.
- Medical, dental and vision coverage
- Paid time off plan
- Health savings account (HSA)
- 401k savings plan
- Access to wages before pay day with myFlexPay
- Flexible spending accounts (FSAs)
- Short- and long-term disability coverage
- Work-Life resources
- Paid parental leave
- Healthy lifestyle programs
Application window anticipated to close: 7/15/2024. *If interested in this opportunity, please submit your application as soon as possible.
The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.
Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.