Cyber Security UEBA Engineer.

at Cardinal Health
Location Dublin, OH
Date Posted August 8, 2019
Category Default
Job Type Full-time


Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

We currently have a career opening for a Cyber Security UEBA Engineer.

Department Overview

Information Security is responsible for managing Information Security Operations.  We exist to ensure availability, integrity and confidentiality of healthcare infrastructure that safeguards the patient.  We promote a culture that protects information assets, manages risk and embeds security in people, process and technology.  Overall, we define solutions that balance information security requirements against business needs.

Job Overview

As a Cyber Security UEBA engineer, you will be working extensively with our logging/monitoring tool-sets related to the platform and our SIEM instance.  The work in this space will center around troubleshooting and enhancing existing use cases and in our SIEM instance.  Additionally, you will be creating, developing and executing new use cases for the Cyber Security team. 

The UEBA portion of this role will center around the implementation of the UEBA tool into the Cardinal Health environment.  This is a net new tool that will require configuring of data ingestion, use cases, tuning of data and development of processes and procedures.  Over the coming fiscal year and beyond, this role will be an integral part in the operationalizing of the tool to drive further value for the Cyber Security team. 

What is expected of you in this role?

  • Applies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects related to UEBA
  • Works on complex projects of large scope domestically and internationally
  • Develops technical solutions to a wide range of difficult problems.  Solutions are innovative and consistent with organizational goals
  • Completes work independently; receives general guidance on new projects and tasks
  • May act as a mentor to less experienced colleagues
  • Present data findings and influence organizational partners at multiple levels in the organization.
  • Establish strong reporting metrics to support the program and influence behaviors.
  • Act as liaison with solution owners and IT groups to ensure alignment of our strategy.
  • Strong analytical, collaborative, problem solving, organizational and planning skills.
  • Proficient PC skills; including working knowledge of Microsoft Office products.
  • Strong written and oral interpersonal skills
  • Proficient PC skills; including working knowledge of Microsoft Office products


  • Extensive experience with SIEM technologies and utilization within a Sec Ops environment
  • Strong conceptual understanding and usage of UEBA tool sets
  • Experience with use case creation, development and execution for end users and entities to understand behavior
  • Experience with interpreting vast amounts of data to understand normal versus anomaly
  • Extensive experience in large and complex infrastructure environments (cloud and on-premise)
  • Knowledge and execution of agile methodology within a Cyber Security environment
  • Familiarity with incident response frameworks like cyber kill chain and MITRE ATT&CK)
  • Ability to execute in a fast-paced environment with a bias for action
  • Bachelor's or master’s degree in related field or equivalent work experience
  • CISSP or equivalent certifications preferred, but not required

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.