Cyber Security Engineer

at Cardinal Health
Published September 8, 2023
Location Columbus, OH
Category Default  
Job Type Full-time  


Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

Department Overview:

Cardinal Health's Information Security team is on a tremendous growth journey adding a number of new team members in our Cyber Threat Operations Center (CTOC) , IT Risk and Compliance, and Security Architecture teams . We aim to be a world-class cybersecurity and risk management organization that enables Cardinal Health to be healthcare's most trusted partner.

We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented team members who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere.

Job Overview:

We currently have a career opening for a Cyber Security Engineer. Cyber Threat Operations Center (CTOC) Overview

The is a pivotal role in the Cyber Threat Operation Center (CTOC) at Cardinal Health. This person is responsible for the CTOC's visibility into Cardinal's network, infrastructure, and applications and ensuring our operations team can quickly identify and respond to threats. The ideal candidate's unique blend of platform engineering and data science skills will help influence cybersecurity strategy and future roadmap initiatives.

What is expected of you and others at this level

  • We exist to ensure availability, integrity and confidentiality of healthcare infrastructure that safeguards the patient
  • We promote a culture that protects information assets, manages risk and embeds security in people, process and technology
  • Defines solutions that balance information security requirements against business needs.
  • Investigates and resolves security incidents and recommends enhancements to improve security.


  • Coordinate and provide expert technical support to enterprise-wide cyber defense technicians to resolve cyber defense incidents.
  • Correlate incident data to identify specific vulnerabilities and make recommendations that enable expeditious remediation.
  • Perform analysis of log files from a variety of sources (e.g., individual host logs, network traffic logs, firewall logs, and intrusion detection system [IDS] logs) to identify possible threats to network security.
  • Perform cyber defense incident triage, to include determining scope, urgency, and potential impact, identifying the specific vulnerability, and making recommendations that enable expeditious remediation.
  • Perform cyber defense trend analysis and reporting.
  • Perform initial, forensically sound collection of images and inspect to discern possible mitigation/remediation on enterprise systems.
  • Receive and analyze network alerts from various sources within the enterprise and determine possible causes of such alerts.
  • Collect intrusion artifacts (e.g., source code, malware, Trojans) and use discovered data to enable mitigation of potential cyber defense incidents within the enterprise.
  • Coordinate with intelligence analysts to correlate threat assessment data.
  • Write and publish after action reviews.
  • Monitor external data sources (e.g., cyber defense vendor sites, Computer Emergency Response Teams, Security Focus) to maintain currency of cyber defense threat condition and determine which security issues may have an impact on the enterprise.


Required Qualifications

  • Ability to apply techniques for detecting host and network-based intrusions using intrusion detection technologies.
  • Ability to apply techniques for responding to host and network-based intrusions using incident response technologies and techniques.

Preferred Qualifications

  • 3+ years experience in related field preferred
  • Bachelor's or above in related field or equivalent work experience preferred
  • Strong analytical, collaborative, problem solving, organizational and planning skills.
  • Strong written and oral interpersonal skills.
  • Proficient PC skills; including working knowledge of Microsoft Office products.
  • Skill of identifying, capturing, containing, and reporting malware.
  • Skill in preserving evidence integrity according to standard operating procedures or national standards.
  • Skill in securing network communications.
  • Skill in recognizing and categorizing types of vulnerabilities and associated attacks.
  • Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • Skill in performing damage assessments.
  • Skill in using security event correlation tools.
  • Skill to design incident response for cloud service models.
  • Knowledge of Endpoints (laptop/desktop/server) related to cyber security incident response
  • Knowledge of Incident response case management and automation (SOAR)
  • Knowledge of Incident Response toolsets and specifically phishing group mailbox support
  • Knowledge of SIEM technologies and utilization within a cyber security environment
  • Knowledge of Cyber Kill Chain/Mitre ATT&CK frameworks and application within a cyber security command center
  • Knowledge of Logging/monitoring solutions and implementations
  • Knowledge of Agile methodology, sprint planning and daily scrum meetings
  • Knowledge of Apply comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects related to incident response

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

To read and review this privacy notice click here