Cybersecurity Incident Response Engineer

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

We currently have a career opening for an Cybersecurity Incident Response Engineer

Cardinal Health Cyber Security Overview 

The CTOC is on a tremendous growth journey. Comprised of Operations, Engineering, and a dedicated Purple team, we aim to be a world-class cybersecurity organization that enables Cardinal Health to be healthcare’s most trusted partner. We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented engineers who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun, collaborative atmosphere.

The is a pivotal role in the Cyber Threat Operation Center (CTOC) at Cardinal Health. This person is responsible for the CTOC’s visibility into Cardinal’s network, infrastructure, and applications and ensuring our operations team can quickly identify and respond to threats. The ideal candidate’s unique blend of platform engineering and data science skills will help influence cybersecurity strategy and future roadmap initiatives.

  • We exist to ensure availability, integrity and confidentiality of healthcare infrastructure that safeguards the patient
  • We promote a culture that protects information assets, manages risk and embeds security in people, process and technology
  • Defines solutions that balance information security requirements against business needs.
  • Investigates and resolves security incidents and recommends enhancements to improve security.

You will be working with the following:

  • Endpoints (laptop/desktop/server) related to cyber security
  • Incident response case management and automation (SOAR)
  • Incident Response toolsets
  • SIEM technologies and utilization within a cyber security environment
  • Cyber Kill Chain/Mitre ATT&CK frameworks and application within a cyber security command center
  • Logging/monitoring solutions and implementations
  • Agile methodology, sprint planning and daily scrum meetings
  • Applies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects related to incident response
  • Works on complex projects of large scope domestically and internationally
  • Develops technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organizational goals
  • Completes work independently; receives general guidance on new projects and tasks
  • May act as a mentor to less experienced colleagues
  • Provide an organized and risk-based approach to remediation of sensitive assets in the enterprise
  • Present data findings and influence organizational partners at multiple levels in the organization.
  • Establish strong reporting metrics to support the program and influence behaviors.
  • Act as liaison with solution owners and IT groups to ensure alignment of our strategy.


  • Proven experience with cyber security toolsets; specifically incident response.
  • Bachelor’s or master’s degree in related field or equivalent work experience
  • Strongly preferred 5+ years experience in related field preferred
  • CompTIA CySA+ or equivalent certifications preferred, but not required
  • Strong analytical, collaborative, problem solving, organizational and planning skills.
  • Proficient PC skills; including working knowledge of Microsoft Office products.

This job is to be performed entirely outside of Colorado.

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

More Information

Apply for this job

Leave your thoughts

Share this job