Cardinal Health IT Security Risk Advisor in Dublin, Ohio
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 40,000 employees in nearly 60 countries, Cardinal Health ranks among the top 25 on the Fortune 500.
We currently have a full-time job opening for an IT Security Risk Advisor.
Information Security and Risk Management (ISRM) at Cardinal Health exists to ensure the availability, integrity and confidentiality of critical healthcare infrastructure that safeguards the patient. Our mission is to promote a culture that protects information assets, manages risk and embeds security in people, process and technology.
This role is responsible for the coordination of Information Security and Risk Management (ISRM) team resources in support of IT and business projects, as well as acting as the dedicated Risk Advisor on projects to ensure Cardinal Health policies, standards and best practices are being followed appropriately. Responsibilities also include leveraging the newly deployed Archer platform to track and report on open issues, remediation activities and exceptions.
This role offers the ability to interface with and gain broad exposure to the various teams, technologies and different aspects of risk and security while maintaining an enterprise focus.
Additional responsibilities include:
- Act as a single point of contact for coordinating ongoing ISRM engagement with EIT and business projects
- Work with the project management office, solution architecture review team and other engagement points to ensure that ISRM resources are appropriately assigned to support EIT and business projects
- Develop effective relationships within EIT and the business in support of the departmental mission
- Execute the issues and remediation management processes to ensure EIT and business project compliance with IT security and risk policies and security architectural requirements
- Document risk advisory board exceptions as required
- Effectively communicate identified gaps and planned remediation procedures to leadership
- Understand when issues need to be escalated and/or communicated to various levels of Cardinal Health leadership
- Support and improve upon departmental metrics
Qualifications:
- Proven background in information security/risk management and project management
- A broad understanding of Information Security and Risk Management (ISRM) responsibilities and deliverables along with the ability to collaborate with a variety of business units and teams within IT is required
- Ideal candidate will have excellent communication skills with leaders at all levels across the enterprise, an ability to work in a matrixed environment to drive pragmatic results and the motivation to proactively provide input/improve processes
- Automation governance experience is a plus
- Familiarity with the following frameworks: ISO 27001/2, NIST, HITRUST, etc.
- Experience with RSA Archer or other GRC platforms to manage policies is a plus
- CISA and/or CISSP is a plus
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.