Information Security and Risk Engineer

Company Overview: Cardinal Health, Inc. (NYSE: CAH) is at the forefront of the global healthcare services and products industry. With a commitment to enhancing patient care, we offer tailored solutions for hospitals, healthcare systems, pharmacies, ambulatory surgery centers, clinical laboratories, physician offices, and home patients. Our extensive portfolio includes the distribution of pharmaceuticals, manufacturing and distribution of medical products, operation of nuclear pharmacies, and advanced performance and data solutions. With around 50,000 global employees, we proudly rank among the top 15 in the Fortune 500, striving to be healthcare’s most trusted partner. Department Overview: Information Technology is dedicated to the efficient development, delivery, and operation of computing and information services. Our mission is to anticipate, plan, and deliver IT solutions and strategies that empower operations and drive business value. Information Security and Risk focuses on the development, implementation, and enforcement of security controls vital for safeguarding the organization's technological assets against both intentional and unintentional threats. Key responsibilities encompass disaster recovery planning, incident response, threat management, vulnerability scanning, and risk assessments. We are eager to welcome an adept Identity and Access Management (IAM) Engineer to our team. In this critical role, you will be a key player in designing, implementing, and managing IAM solutions that protect our enterprise applications. Your expertise will help facilitate secure, efficient integration of identity and access systems, particularly in light of our growth through Mergers and Acquisitions. The ideal candidate possesses profound technical proficiency in modern IAM principles, a strong understanding of protocols, and exceptional communication skills. Responsibilities: Application Integration Leadership: Spearhead the integration of diverse enterprise applications (SaaS, on-premise, custom-built) with our IAM infrastructure to ensure secure authentication, authorization, and streamlined user provisioning. M&A Integration Strategy & Execution: Direct the planning, design, and execution of IAM integration strategies aligned with organizational security goals during M&A transactions. Assess the IAM environment of merging entities to pinpoint issues and devise solutions. Identity System Merging & Consolidation: Oversee the intricate process of integrating various identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into our existing framework. User Lifecycle Management: Enhance and automate user provisioning, de-provisioning, and periodic access reviews across all integrated systems for employees, contractors, and partners, ensuring effective onboarding and offboarding during M&A transitions. Solution Design & Implementation: Create, implement, and maintain IAM solutions, including Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. Security & Compliance: Guarantee that IAM systems and processes adhere to regulatory standards (e.g., GDPR, HIPAA, SOX) and internal policies, while maintaining auditable records of access activities to protect sensitive information from breaches. Technical Troubleshooting & Support: Diagnose and resolve IAM-related technical issues, delivering expert support to internal teams and end-users throughout and after integration projects. Collaboration & Communication: Work collaboratively with cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM deployment and integration with business operations. Convey complex security concepts clearly to both technical and non-technical audiences. Documentation & Best Practices: Produce and maintain detailed technical documentation, including architecture diagrams, configuration guides, and operational procedures. Stay abreast of IAM best practices, regulatory obligations, and security trends. Qualifications: Education: Bachelor’s degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent hands-on experience. Experience: A minimum of 5 years in progressive IAM engineering roles, with substantial experience in large-scale enterprise solutions, particularly related to M&A projects. Technical Expertise: Proficient in directory services (Active Directory, Azure AD, LDAP). Extensive knowledge of authentication technologies and standards (SSO, MFA, PAM). Hands-on experience with major IAM platforms (Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). Familiarity with scripting languages (PowerShell, Python) for automation purposes. In-depth understanding of security principles, risk management, and access control models (RBAC). A grasp of DevOps practices. Familiarity with Zero Trust architecture principles. Awareness of AI/ML concepts applicable to security and risk management, particularly in IAM. M&A Specific Skills: Proven experience managing integration projects, analyzing existing IAM capabilities, workflows, and processes in acquired entities, and navigating varied identity infrastructures. Excellent communication and interpersonal abilities for effective collaboration with diverse teams and stakeholders. Detail-oriented approach to ensure accurate access control configurations and compliance. Strong problem-solving and analytical skills to troubleshoot access issues and design tailored solutions. A self-starter who takes initiative and full ownership of projects, ensuring accountability for IAM platform integrity. Adept at managing multiple priorities and meeting stringent deadlines in a dynamic M&A environment. Willingness to adapt and keep pace with evolving IAM technologies and security threats. Anticipated salary range: $94,900 - $135,600 Bonus eligible: No Benefits: Cardinal Health offers a robust benefits package to support employee health and well-being: Comprehensive medical, dental, and vision coverage Generous paid time off plans Health savings accounts (HSA) 401k savings plans Access to wages before payday with myFlexPay Flexible spending accounts (FSA) Short- and long-term disability coverage Work-Life resources Paid parental leave Programs for promoting healthy lifestyles Application window anticipated to close: 12/20/2025. If interested, please submit your application at your earliest convenience. The salary range mentioned is an estimate and may vary based on geographical location, relevant education, experience, skills, and internal pay equity considerations. Candidates re-entering the workforce, individuals with disabilities, those without a college degree, and veterans are encouraged to apply. Cardinal Health champions an inclusive workplace that values diverse thoughts, experiences, and backgrounds, fostering an environment where all employees can be themselves. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will be considered for employment without discrimination. Please review our privacy notice for further information.

Created: 2026-03-04