Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
We currently have a full-time job opening for an Application Security Engineer.
The Information Security organization is on a tremendous growth journey. We aim to be a world-class cybersecurity organization that enables Cardinal Health to be healthcare's most trusted partner. We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented engineers who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun, collaborative atmosphere.
As a part of our growth, we are investing heavily in Application Security to enable the enterprise to deliver products and services to our customers with security in mind. Traditionally Application Security was a function of Security Architecture. This new team's sole function is dedicated to Application Security and is being created to reflect its importance to our organization.
The Application Security Analyst is a foundational member of the new Application Security team at Cardinal Health. This engineer blends extensive Software Development experience with a strong Information Security background to serve Cardinal Health's best interests by balancing security with software delivery. This role will be focused on Product Ownership and Business Analyst functions within an Application Security Team.
What is expected of you and others at this level
Applies advanced knowledge and understanding of concepts, principles, and technical capabilities to manage a wide variety of projects
Participates in the development of policies and procedures to achieve specific goals
Recommends new practices, processes, metrics, or models
Works on or may lead complex projects of large scope
Projects may have significant and long-term impact
Provides solutions which may set precedent
Independently determines method for completion of new projects
Receives guidance on overall project objectives
Acts as a mentor to less experienced colleagues
Good understanding of Application Security Concepts
Security related experience, working with application/software development teams, promoting continuous improvement, problem solving skills.
Experience writing requirements or user stories for the development of new features, enhancements to existing features, etc.
Ability to work with team and help prioritize the requirements strategically
Good Presentation and communication Skills.
Proven understanding of Application Security concepts
Understanding and previous experience in one or more of the following preferred:
SDLC and DevSecOps concepts such as CI/CD pipelines
Agile development concepts and methods such as Scrum or Kanban
Container concepts and technologies, including Docker and Kubernetes
OWASP Top 10
Static or Dynamic code scanning and subsequent remediations
Experience in understanding the SCA/SAST/DAST Scanning process.
Experience in understanding the scan results and share the tools agnostics to the application teams.
Experience in creating dashboards and guide the application teams through the remediation process.
Experience in Veracode a Plus.
Common application security controls, including WAF
Common patterns for AuthN and AuthZ
One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA
Bachelor's degree in related field, or equivalent work experience
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.
Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a distributor of pharmaceuticals, a global manufacturer and distributor of medical and laboratory products, and a provider of performance and data solutions for healthcare facilities.We are a crucial link between the clinical and operational sides of healthcare, delivering end-to-end solutions and data-driving insights that advance healthcare and improve lives every day. With deep partnerships, diverse perspectives and innovative digital solutions, we build connections across the continuum of care. With more than 50 years of experience, we seize the opportunity to address healthcare's most complicated challenges – now, and in the future.As a global, growing company, we’re able to offer rewarding careers that let you make a positive impact on our customers and communities.