Our organization is currently searching for a Information Security and Technology Risk Management director reporting directly to the VP Information Security and Technology Risk Management. The overall responsibility of the director is to ensure the safeguard of the company’s digital assets and computer systems for the Medical segment: by identifying and anticipating areas of risk and set in place a cohesive strategy to mitigate or reduce those risks.
Bachelor’s degree in computer science, computer engineering, or a related discipline; Strong, hands-on operations background, as well as a comprehensive understanding of information security
Certifications such as Certified Information Security Professional (CISSP) or Certified Information Security Manager (CISM) preferred
Proven leader in information security and technology risk management. Experienced a variety of environments that include consumer marketing, manufacturing, logistics/supply chain, and electronic commerce exposure
Demonstrated ability to manage competing priorities
Knowledge of security e.g., systems, methodologies, technologies, architectures, practices, policies, working knowledge of NIST Cybersecurity Framework preferred.
Architectural savvy – ability to evaluate security options in terms of their impact on the business model, or vice versa
Experienced in implementing applications and systems to support direct consumer interaction, including marketing, customer care, electronic commerce, and fulfillment functions
Ability to build sustainable competitive advantages through pragmatic, innovative security solutions
Experienced in establishing relationships and managing the risk of third parties that provide information technology capabilities or interface with information technology components of Cardinal Health’s environment
Experienced in evaluating the impact of data privacy regulations on policies, procedures and technology controls across the business
High-quality analytical skills, leadership experience, and exceptional relationship management competencies
Experience in strategic planning and/or policy development at a senior level.
Strong communication skills and the ability to communicate to executive management in business terms
Experience with mission critical global operations, large global IT organizations and complexity
Proven success transforming a culture to be more security and data privacy conscious
Self-starter and strong motivator
Identify protection goals, objectives and metrics for the Medical business segment
Manage the implementation of information security policy, standards, guidelines and procedures to ensure ongoing maintenance of security in the Medical business segment
Improve employee cybersecurity education and awareness in the Medical business segment including global locations
Assist with incidence response planning as well as investigation of security breaches, disciplinary and legal matters associated with breaches as necessary in the Medical segment
Assist in prioritizing information security initiatives and spending based on appropriate risk management taking into account the Medical segment business needs and priorities
Track and ensure accountability for action plans for identified audit, compliance and risk gaps in the Medical segment
Ensure information technology compliance with data privacy and other regulations in the Medical segment
25% travel domestically and internationally
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.