Supervisor, Information Security Incident Response – Remote

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

Cardinal Health’s Information Security team is on a tremendous growth journey, adding a number of new team members in our Cyber Threat Operations Center, IT Risk and Compliance, and Security Architecture teams. We aim to be a world-class cybersecurity and risk management organization that enables Cardinal Health to be healthcare’s most trusted partner.

We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented team members who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere.

We currently have a career opening for a Supervisor, Information Security Incident Response. The role is open to employees living anywhere in the United States; we are a remote-first team, with the majority of team members working 100% remotely.

The Supervisor is expected to lead engineers and analysts on the team in the tactical and strategic defense of Cardinal Health information, assets and operations across the enterprise. Job responsibilities include but are not limited to: Coordinates and supervises the daily activities of operations, or business support staff, administers and executes policies and procedures, ensures employees operate within guidelines, frequently interacts with teammates, consumers and peer groups at various management levels as well as hands on work in the Incident Response Management disciplines.

What is expected of you and others at this level

  • High performing team member related to planning, development and execution of Incident Response program initiatives
  • Collaborate with Managers and Senior Engineers to design and execute fiscal year goals for Cyber Security, IT and the business
  • Applies comprehensive knowledge and a thorough understanding of concepts, principles and technical capabilities related to Incident Response framework and methodologies.
  • Develops and implements innovative solutions to a wide range of difficult problems.
  • Provide diverse thought and promote an inclusive environment
  • Completes work independently; receives general guidance on new projects
  • Mentorship of junior team members

Role Overview

This is a pivotal role in the Cyber Threat Operations Center (CTOC) at Cardinal Health. This person is responsible for leading a team within the CTOC, creating visibility into Cardinal Health’s network, infrastructure, and applications and ensuring our operations team can quickly identify and respond to threats and incidents. The ideal candidate’s unique blend of leadership, Incident Response experience and collaborative team building skills will help influence and drive cybersecurity strategy and future roadmap initiatives.

You will be leading a team working with the following:

  • Next Gen endpoint cyber security related to workstations and servers (on-prem and cloud)
  • Incident Response case management and automation (SOAR) – phishing campaign, use case, alerts and EDR detection triage
  • SIEM technologies and utilization within a Cyber Threat Operations Center
  • Cyber Kill Chain/MITRE ATT&CK frameworks execution and development
  • Network and host-based firewall utilization and enhancements
  • Execute Incident Response use case, playbook and documentation efforts – enhancements and net new
  • Agile methodology, sprint planning and daily scrum meetings
  • Participate in a structured, valuable and comprehensive cyber security training program

The role will lead and help drive several program developments

  • Strategic – Tactical – Operational approach
  • Incident Response – Cloud/IaaS/IOT/OT
  • Post-incident response



  • Ability to lead and motivate cross-functional, interdisciplinary teams to achieve tactical and strategic goals including knowledge/experience
  • Proven experience with cyber security toolsets; specifically, Incident Response
  • Proven analytical, collaborative, problem solving, organizational and planning skills


  • Experience leading an Information Technology or Cyber Security team
  • CompTIA CySA+ or equivalent certifications
  • Familiarity with Cybersecurity Risk Management Frameworks
  • Practiced in project management, financial/budget management and staff management.
  • Experience working with SIEM, SOAR, and UEBA tools
  • Experience working in cloud native environments
  • Bachelor's degree in related field or equivalent work experience

For any onsite, non-remote employees

A Covid-19 vaccination is required in order to be employed in this position. This includes either:

  • 2 doses of the Moderna or Pfizer vaccine
  • 1 dose of the Johnson & Johnson vaccine

Please Note: vaccines may be required for the position subject to federal, state and/or customer requirements

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
