Risk and Information Security Engineer

Company Overview: Cardinal Health, Inc. (NYSE: CAH) leads the way in the global healthcare services and products arena. Committed to improving patient care, we provide tailored solutions for various healthcare settings, including hospitals, pharmacies, and clinical laboratories. With a workforce of around 50,000, we rank among the top 15 in the Fortune 500, aspiring to be healthcare's most trusted partner. Department Overview: The Information Technology department is essential in the effective development, delivery, and operation of computing and information services. Our mission is to anticipate and provide IT solutions that empower operations and drive business value. Information Security and Risk is dedicated to implementing and enforcing security controls crucial for protecting our technological assets from intentional and unintentional threats. Our key responsibilities include disaster recovery planning, incident response, threat management, vulnerability assessments, and risk evaluations. We are excited to add a talented Identity and Access Management (IAM) Engineer to our team. In this vital role, you will lead the design, implementation, and management of IAM solutions that secure our enterprise applications. Your expertise will facilitate the secure and efficient integration of identity and access systems, especially as we experience growth through Mergers and Acquisitions. The ideal candidate will possess strong technical skills in contemporary IAM practices, an understanding of security protocols, and excellent communication abilities. Responsibilities: Application Integration Leadership: Lead the integration of various enterprise applications (SaaS, on-premise, custom-built) with our IAM infrastructure to ensure secure authentication, authorization, and efficient user provisioning. M&A Integration Strategy & Execution: Direct planning, design, and execution of IAM integration strategies that align with security goals during M&A activities. Analyze IAM environments of merging entities to identify challenges and formulate solutions. Identity System Merging & Consolidation: Manage the integration of identity providers, user directories (e.g., Active Directory, Azure AD, LDAP), and access management systems from acquired companies into our existing framework. User Lifecycle Management: Enhance and automate user provisioning, de-provisioning, and access reviews across integrated systems for employees, contractors, and partners, ensuring effective onboarding and offboarding during M&A transitions. Solution Design & Implementation: Create, implement, and manage IAM solutions such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), Privileged Access Management (PAM), and Role-Based Access Control (RBAC) frameworks. Security & Compliance: Ensure IAM systems meet regulatory standards (e.g., GDPR, HIPAA, SOX) and internal policies, maintaining detailed records of access activities to protect sensitive information. Technical Troubleshooting & Support: Diagnose and resolve IAM-related technical issues, providing expert support to internal teams and end-users throughout integration projects. Collaboration & Communication: Collaborate with cross-functional teams, including Information Security, IT Operations, HR, and Application Development, to ensure effective IAM deployment and integration with business operations. Clearly convey complex security concepts to both technical and non-technical audiences. Documentation & Best Practices: Create and maintain comprehensive technical documentation, including architecture diagrams and operational procedures. Stay updated on IAM best practices and regulatory obligations. Qualifications: Education: Bachelor’s degree in Computer Science, Information Technology, Information Security, or a related field, or equivalent practical experience. Experience: At least 5 years in IAM engineering roles with significant experience in large-scale enterprise solutions, particularly concerning M&A projects. Technical Expertise: Proficient in directory services (Active Directory, Azure AD, LDAP). Extensive knowledge of authentication technologies and standards (SSO, MFA, PAM). Hands-on experience with major IAM platforms (Okta, Microsoft Azure AD, CyberArk, ForgeRock, Ping Identity, SailPoint). Familiarity with scripting languages (PowerShell, Python) for automation. Deep understanding of security principles, risk management, and access control models (RBAC). Knowledge of DevOps practices. Familiarity with Zero Trust architecture principles. Awareness of AI/ML concepts in security, especially related to IAM. M&A Specific Skills: Experience in managing integration projects, evaluating IAM capabilities in acquired entities, and navigating differing identity infrastructures. Excellent communication skills for effective collaboration with diverse teams and stakeholders. Detail-oriented approach for accurate access control configurations and compliance. Strong problem-solving skills to troubleshoot access issues and design solutions. Self-motivated individual who takes ownership of projects and ensures IAM platform integrity. Adept at managing multiple priorities and meeting strict deadlines in a fast-paced M&A environment. Eager to adapt and keep pace with evolving IAM technologies and security threats. Anticipated salary range: $94,900 - $135,600 Bonus eligible: No Benefits: Cardinal Health offers a comprehensive benefits package to support employee health and well-being: Medical, dental, and vision coverage. Generous paid time off plans. Health savings accounts (HSA). 401k savings plans. Access to wages before payday with myFlexPay. Flexible spending accounts (FSA). Short- and long-term disability coverage. Work-Life resources. Paid parental leave. Programs promoting healthy lifestyles. Application window anticipated to close: 12/20/2025. If you are interested, please submit your application at your earliest convenience. The salary range mentioned is an estimate and may vary based on geographical location, education, experience, and skills. We encourage applicants who are re-entering the workforce, individuals with disabilities, those without a degree, and veterans to apply. Cardinal Health values an inclusive workplace that champions diverse thoughts, experiences, and backgrounds. We are an Equal Opportunity/Affirmative Action employer, and all qualified applicants will be considered for employment without discrimination. Please review our privacy notice for further information.

Created: 2026-03-10