Cardinal Health Overview:

　　Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a distributor of pharmaceuticals, a global manufacturer and distributor of medical and laboratory products, and a provider of performance and data solutions for health care facilities.

　　We are a crucial link between the clinical and operational sides of care, working with more than 4,500 sourcing and manufacturing partners to deliver end-to-end solutions and data-driven insights that advance healthcare and improve lives every day. With deep partnerships, diverse perspectives and innovative digital solutions, we build connections across the continuum of care.

　　With 50 years of experience, approximately 44,000 employees and operations in more than 30 countries, Cardinal Health seizes the opportunity to address healthcare’s most complicated challenges — now, and in the future.

　　Department Overview:

　　Information Security and Risk Management (ISRM) at Cardinal Health enables Cardinal Health to securely deliver healthcare products and solutions that improve the lives of people every day by ensuring security and controls is embedded into Cardinal Health’s people, process and technology.

　　We currently have a career opening for a Sr. Engineer, Information Security and Risk, who will play an IT Compliance Program Run Lead role focused on implementing and assessing HITRUST for the organization.

　　Job Overview:

　　This role is a leader position within the team and requires having an in-depth understanding of the HITRSUT Framework along with knowledge of local, national and international privacy and security regulations such as HIPAA (Health Insurance Portability and Accountability Act), GDPR (General Data Protection Regulation) and the CCPA (California Consumer Privacy Act.)

　　This individual will lead HITRUST audit and compliance initiatives to ensure policies, standards, procedures, and audit activities are in alignment with business, IT, and HITRUST requirements. Success in the role will be measured by the effectiveness of the implementation and operation of information security as well as the ability to retain all current and future proposed HITRUST certifications.

　　Daily Responsibilities:

　　Oversee information security compliance activities for HITRUST, including quarterly and/or annual security risk assessmentsAssist in response to security assessments and questionnairesManage relationships with internal and external audit teams to achieve HITRUST complianceEstablish and maintain security & controls policies and procedures in accordance with applicable regulationsManage corrective action logs and ensure issues are assigned priority and closed out in a timely mannerResearch new security compliance requirements and assist in the evaluation of compliance control requirementsReport security control related metrics and effectivenessEvaluate, design, test, and recommend new or improved controls to keep current with industry standards and compliance requirementsPartner with leadership regarding information security risks, controls, and audit requirementsCollaborate with organizational teams to design and deliver training initiatives that promote the development of staffAny other duties that may be required as assignedQualifications:

　　Bachelor’s Degree in related field or equivalent work experience10+years’ experience in related fieldPriorexperience leading HITRUST audits in a large healthcare organizationPrior experience with control frameworks (e.g., NIST, COBIT, COSO, and ISO) to drive IT regulatory compliancePriorexperience working with Internal or External Audit functionsExperience with IT risk and controls identification and assessments including IT control design and effectiveness testingExperience with GRC (Governance, Risk and Compliance)Experience in analyzing data and creating reports/dashboards/views to provide visibility into risk and control landscapeIdeal candidate will have excellent communication skills (both verbal and written) with leaders at all levels within the organization, an ability to work in a matrixed environment to drive results, and the ability to clearly define and execute repeatable processesIdeal candidate will have an effective time management, active listening, meeting facilitation, and influencing skillsAbility to effectively navigate a variety of challenging environments, prioritize work and determine when to escalate to upper managementAnticipated salary range: $119,800 - $171,100

　　Bonus eligible: Yes

　　Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

　　Medical, dental and vision coveragePaid time off planHealth savings account (HSA)401k savings planAccess to wages before pay day with myFlexPayFlexible spending accounts (FSAs)Short- and long-term disability coverageWork-Life resourcesPaid parental leaveHealthy lifestyle programsApplication window anticipated to close: 2/16/2024 *if interested in opportunity, please submit application as soon as possible.

　　Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

　　Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

　　To read and review this privacy notice click here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)

　　We are a team of nearly 48,000 mission-driven partners striving each day to advance healthcare and improve lives. We are Essential to care.

　　Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a distributor of pharmaceuticals, a global manufacturer and distributor of medical and laboratory products, and a provider of performance and data solutions for health care facilities

　　We are a crucial link between the clinical and operational sides of care, working with more than 4,500 sourcing and manufacturing partners to deliver end-to-end solutions and data-driven insights that advance healthcare and improve lives every day. With deep partnerships, diverse perspectives and innovative digital solutions, we build connections across the continuum of care.

　　With 50 years of experience, approximately 44,000 employees and operations in more than 30 countries, Cardinal Health seizes the opportunity to address healthcare’s most complicated challenges — now, and in the future.

　　On Thursday, Jan. 7, 2021, we celebrated the day our founder, Bob Walter, had the vision to start a business that became known as Cardinal Health.

　　One of the most important ways we celebrated was by giving back to the communities where we live and work. 2021 was a "Year of Service” for all Cardinal Health employees around the world.

　　View Cardinal Health on YouTube (http://youtube.com/user/CardinalHealth)

　　Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.