Senior Engineer, IT Controls & Compliance Lead

Cardinal Health Senior Engineer, IT Controls & Compliance Lead Cheyenne, Wyoming Apply Now

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a distributor of pharmaceuticals, a global manufacturer and distributor of medical and laboratory products, and a provider of performance and data solutions for health care facilities.

We are a crucial link between the clinical and operational sides of care, working with more than 4,500 sourcing and manufacturing partners to deliver end-to-end solutions and data-driven insights that advance healthcare and improve lives every day.

Department Overview:

Information Security and Risk Management (ISRM) at Cardinal Health enables Cardinal Health to securely deliver healthcare products and solutions by ensuring security and controls are embedded into our people, processes, and technology.

We currently have a career opening for a Sr. Engineer, Information Security and Risk, who will play a lead role focused on identifying key IT controls and compliance requirements and confirming that controls are being designed and implemented as solutions are being implemented.

Job Overview:

This role is a leader position within the team and requires an in-depth understanding of privacy and security regulations such as HIPAA, FDA, SOX, PCI DSS, CMMC, etc., as well as relevant control frameworks to drive compliance, while working with key stakeholders. Strong project management skills are required for success in this role.

The Senior Engineer will be responsible for partnering with project/program teams in assessing IT compliance requirements, facilitating discussions with key stakeholders to confirm compliance requirements are being met through appropriate design and execution of IT controls, and communicating status, risks, and issues to leadership on an ongoing basis.

Responsibilities:

1. Lead the Proactive Assurance efforts by engaging on projects/programs where new solutions are being designed and act as a “Compliance Lead” to confirm compliance requirements are identified and met.
2. Coordinate cross-functional compliance, legal, and IT team sessions to review compliance requirements and advise on process improvements.
3. Perform end-to-end future state solution reviews to understand scope.
4. Perform impact assessments to identify regulatory/compliance requirements.
5. Identify controls that need to be designed and implemented to meet compliance requirements.
6. Provide oversight over the compliance work stream to confirm compliance requirements are being designed and implemented.
7. Provide ongoing status updates to leadership on compliance requirements and escalate any risks/issues.

Qualifications:

1. Bachelor’s Degree in related field or equivalent work experience.
2. 10+ years experience in a related field.
3. Ability to manage projects/teams effectively.
4. Strong verbal and written communication skills with leaders at all levels.
5. Ability to work in a matrixed environment to drive results.
6. Ability to define and execute repeatable processes.
7. Effective time management and influencing skills.
8. Experience with IT risk and controls identification and assessments.
9. Experience with GRC (Governance, Risk and Compliance).
10. Prior experience with key IT regulation compliance including HIPAA, FDA, DEA, PCI, etc.
11. Prior experience with control frameworks to drive IT regulatory compliance.
12. Security or risk certifications such as CISA, CISSP, and/or CIPP are a plus.

Anticipated salary range: $119,800 - $171,100

Benefits: Cardinal Health offers a variety of benefits to support health and well-being.

1. Medical, dental, and vision coverage.
2. Paid time off plan.
3. Health savings account (HSA).
4. 401k savings plan.
5. Access to wages before payday with myFlexPay.
6. Flexible spending accounts (FSAs).
7. Short- and long-term disability coverage.
8. Work-Life resources.
9. Paid parental leave.

Application window anticipated to close: 9/28/2024. If interested, please submit your application as soon as possible.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience, and background. We celebrate the power of our differences to create better solutions for our customers. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to any status protected by law.