Sr Analyst, Cyber Security (IR)

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500. 

We currently have a career opening for a Sr Analyst, Cyber Security.  

Cardinal Health Cyber Security Overview  

The Cardinal Health Cyber Threat Operations Center (CTOC) is on a tremendous growth journey.  Comprised of Operations, Engineering, and a dedicated Purple team, we aim to be a world-class cyber security organization that enables Cardinal Health to be healthcare’s most trusted partner.  We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented engineers who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere.  

The is a pivotal role in the Cyber Threat Operation Center at Cardinal Health.  This person is responsible for the CTOC’s visibility into Cardinal’s network, infrastructure, and applications and ensuring our operations team can quickly identify and respond to threats.  The ideal candidate’s unique blend of platform engineering and data science skills will help influence cyber security strategy and future roadmap initiatives. 

• We exist to ensure availability, integrity and confidentiality of healthcare infrastructure that safeguards the patient 
• We promote a culture that protects information assets, manages risk and embeds security in people, process and technology 
• Defines solutions that balance information security requirements against business needs.  
• Investigates and resolves security incidents and recommends enhancements to improve security. 

You will be working with the following:

Accountabilities

• Perform initial triage of security alerts, including gathering and documenting key incident details.
• Support enterprise-wide cyber defense teams in responding to and investigating security incidents.
• Utilize Enterprise Detection and Response solutions to collect artifacts and contribute to incident investigations.
• Perform log analysis from diverse sources (host, network, firewall, IDS/IPS) to identify indicators of compromise or suspicious activity.
• Assist in cyber defense incident triage, determining scope, urgency, and potential impact with escalation to senior team members as needed.
• Document findings and contribute to after-action reviews and incident reports.
• Monitor dashboards and alerts, escalating high-priority findings to Engineers or Managers.
• Collaborate with peers and intelligence analysts to correlate incident data with threat intelligence feeds.
• Support phishing mailbox triage, including analysis of suspicious emails and artifacts.
• Participate in team trend analysis activities and prepare data for reporting metrics.
• Assist in basic threat hunting activities by reviewing endpoint, network, and log data to proactively identify suspicious behavior or potential compromises.Support SOC engineering efforts by testing, tuning, and validating detection rules/playbooks (DNR) under guidance from senior team members.

Qualifications

• 2–3 years of experience in incident response, security operations, or a related field preferred.
• Associate’s or Bachelor’s degree in a related field (or equivalent work experience).
• Knowledge of intrusion detection and incident response techniques.
• Familiarity with SIEM platforms and EDR technologies.
• Knowledge of phishing analysis and mailbox management processes.
• Knowledge of common attack vectors and malware types.
• Ability to analyze host and network logs for security-relevant events.
• Strong analytical, problem-solving, and organizational skills.
• Strong written and verbal communication skills for documenting incidents.
• Proficient with PC tools, including Microsoft Office Suite.
• Willingness to learn and grow toward advanced incident response responsibilities (automation, playbook development, custom detection).

Anticipated salary range: $80,500 - $114,900

Bonus eligible: No

Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

• Medical, dental and vision coverage
• Paid time off plan
• Health savings account (HSA)
• 401k savings plan
• Access to wages before pay day with myFlexPay
• Flexible spending accounts (FSAs)
• Short- and long-term disability coverage
• Work-Life resources
• Paid parental leave
• Healthy lifestyle programs

Application window anticipated to close: 10/28/2025 *if interested in opportunity, please submit application as soon as possible.

The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

To read and review this privacy notice click here