Job Information
Cardinal Health Sr Engineer, Vendor Third Party Risk in Helena, Montana
Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company, providing customized solutions for hospitals, health systems, pharmacies, ambulatory surgery centers, clinical laboratories and physician offices worldwide.
The company provides clinically proven medical products, pharmaceuticals and cost-effective solutions that enhance supply chain efficiency from hospital to home. Cardinal Health connects patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with approximately 50,000 employees in 46 countries, Cardinal Health ranks among the top 25 on the Fortune 500.
We currently have a full-time job opening for a Senior Engineer of Vendor Third Party Risk Management.
Department overview:
The Information Security team at Cardinal Health enables Cardinal Health to securely deliver healthcare products and solutions that improve the lives of people every day by ensuring security and controls is embedded into Cardinal Health’s people, process and technology. We are a remote-first team and are excited to offer full-time remote opportunities.
Job Overview:
The primary responsibility of this role is to collaborate with a variety of business units and teams within IT to help manage third party IT risks, vendor contracting and managing customer request for proposal responses.
This is a high-visibility position as we continue to build and roll-out these capabilities across the enterprise. This individual is expected to work autonomously, escalating issues as they are encountered and completing the assigned tasks within an established time frame. Ability to effectively work in a variety of challenging environments is critical in achieving success for the role.
Key responsibilities include:
Assess the governance, risk and compliance aspects related to prospective and incumbent third-party vendors to ensure compliance to Cardinal Health’s requirements
Leverage expertise in IT risk management to ensure effective communication and alignment between third-party vendors and internal requirements/objectives
Conduct quality assurance and effective peer review for team member assessments, audit findings and reports
Demonstrate experience analyzing and interpreting data sets to develop and enhance metrics for reporting, informed decision making and advancement of strategic and operational initiatives
Negotiate security terms and conditions with third parties and contract owners, identify risk remediation options and amend contracts as necessary. Collaborate closely with Legal Counsel to provide expert advice on Technical and Operational Measures (TOMS) and ensure compliance with security standards
Monitor and ensure compliance to HIPAA, SOX and PCI security requirements
Stay up to date on industry trends, regulatory expectations and emerging threats to advise team members, stakeholders and third parties on security methods that best aligns with policy and standards
Deep expertise and ability to educate colleagues on risk management, controls and compliance concepts, frameworks and policies
Act as a trusted subject matter expert to team members and stakeholders across the organization on third party risk management, including, providing guidance and mediation between vendors and business leaders
Skilled in accurately assessing security needs in alignment with business requirements and balancing security priorities with business objectives, to deliver mutually beneficial outcomes
Support audit engagements by leading remediation efforts and executing corrective actions. Ensure timely and effective resolution of audit findings to maintain compliance and improve operational processes
Leverage individual expertise to actively review program, enhance and provide recommendations for development of strategic plans
Identify and assess areas where existing policies, standards, procedures and guidelines require updates or new development. Recommend improvements and lead the implementation of approved changes to enhance organizational processes and compliance
Proficiently builds strong relationships and engages constructively in a proactive and transparent approach with senior business leaders, colleagues and stakeholders across the broader organization
Ability to establish authority, influence stakeholders and review & challenge without direct reporting responsibility
Ability to demonstrate leadership courage and inspire team members and colleagues across the organization to embrace change
Strong interpersonal and communications skills a must
Experience in contract negotiation and risk management is essential
Excellent analytical and problem-solving skills are essential
Proven ability to effectively assess and adapt to changing business priorities
Demonstrates superior teamwork skills
Train, assist and mentor junior team members
Trusted subject matter expert that delivers high quality work, applies sound judgment and works autonomously
Must demonstrate a heightened sense of personal ownership and accountability
Must demonstrate a personal sense of urgency
Excellent attention to detail
Preferred Qualifications:
Certification: Desired professional certifications (CISSP, CISA, CRISC, IAPP, CGEIT)
Network security knowledge and awareness of current technologies
Experience evaluating cloud-based technologies including security and API’s
Bachelor’s Degree in related field or equivalent work experience
Anticipated salary range: $121,600 - $182,385
Bonus eligible: Yes
Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.
Medical, dental and vision coverage
Paid time off plan
Health savings account (HSA)
401k savings plan
Access to wages before pay day with myFlexPay
Flexible spending accounts (FSAs)
Short- and long-term disability coverage
Work-Life resources
Paid parental leave
Healthy lifestyle programs
Application window anticipated to close: 10/21/2024 *if interested in opportunity, please submit application as soon as possible.
The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.
Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
To read and review this privacy notice click here (https://www.cardinalhealth.com/content/dam/corp/email/documents/corp/cardinal-health-online-application-privacy-policy.pdf)