Cardinal Health Senior IT Risk Third Party Advisor in South Carolina
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.
Cardinal Health’s Information Security team is on a tremendous growth journey adding a number of new team members in our Cyber Threat Operations Center, IT Risk and Compliance, and Security Architecture teams . We aim to be a world-class cybersecurity and risk management organization that enables Cardinal Health to be healthcare’s most trusted partner.
We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented team members who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere.
We currently have a full-time job opening for an Senior IT Risk Third Party Advisor.
Information Security and Risk Management (ISRM) at Cardinal Health exists to ensure the availability, integrity and confidentiality of critical healthcare infrastructure that safeguards the patient. Our mission is to promote a culture that protects information assets, manages risk and embeds security and controls in people, process and technology.
The primary responsibility of this role is to collaborate with a variety of Cardinal Health business units in order to address the requirements and needs that are established by our customers. Customer requirements include the completion of IT vendor third party risk assessments, third party certifications (i.e. SOC2 and HITRUST), providing direction on remediation procedures, and collaborating with the customer to address anything third party IT related risks.
This individual is required to quickly learn the various Cardinal Health business units, understand a wide array of IT controls/risks, work autonomously and to escalate issues as they are encountered in order to meet timelines set forth by the customer. Ability to effectively work in a variety of challenging environments is critical in achieving success for the role.
This role is a senior position within the team and will work with all members of the Information Security and Risk Management team as well as sales and customer support resources throughout the Cardinal Health enterprise.
- Develop and implement an effective strategy/process for addressing our customers’ IT security and controls concerns
- Establish and develop relationships with various members of the business (i.e., legal, sales, business leaders) and quickly become knowledgeable about the respective IT environment, controls and processes
- Effectively and efficiently complete third party risk assessments provided by our customers
- Advise the business on the selection, planning, execution and, if necessary, remediation of a third party certification (i.e. SOC2, HITRUST)
- Work with internal and customer legal counsel to align on mutually agreeable legal security and controls language to protect both organizations
- Effectively communicate identified gaps and planned remediation procedures to application owners and various members of leadership
- Understand when issues need to be escalated and/or communicated to Cardinal Health leadership
- Identify, establish and report on key performance indicators to track customer third party risk management trending as this space continues to expand
- Advanced IT compliance, IT audit and/or IT risk assessment experience is a requirement
- Familiarity with third party certifications such as SOC2 or HITRUST are a plus
- Security or risk certifications such as CISA (Certified Information Systems Auditor) or CISSP (Certified Information Systems Security Professional) are a plus
- Bachelors Degree in related field or equivalent work experience
- Ideal candidate will have excellent communication skills with leaders at all levels across the enterprise, an ability to work in a matrixed environment to drive pragmatic results and the motivation to proactively provide input / improve processes
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
To read and review this privacy notice click here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)
Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.