Cardinal Health

Application Security Engineer

Reposted Yesterday

Be an Early Applicant

Hiring Remotely in IND

Remote

Senior level

Healthtech • Pharmaceutical

The Role

The Application Security Engineer will support security implementations, remediation partnerships, compliance monitoring, and assist in application security investigations while collaborating across teams.

Summary Generated by Built In

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

We currently have a full-time job opening for 'Specialist - Application Security'

Department overview:

The Information Security organization is on a tremendous growth journey.  We aim to be a world-class cybersecurity organization that enables Cardinal Health to be healthcare’s most trusted partner. We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented engineers who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun, collaborative atmosphere.

As a part of our growth, we are investing heavily in Application Security to enable the enterprise to deliver products and services to our customers with security in mind. Traditionally Application Security was a function of Security Architecture. This new team’s sole function is dedicated to Application Security and is being created to reflect its importance to our organization.

Job Overview:

The Application Security Engineer is a foundational member of the new Application Security team at Cardinal Health. This role will utilize one's Software Development experience to serve Cardinal Health's best interests by balancing security with software delivery.

Responsibilities include the following:

Support the implementation and configuration of application security tools
Partnering with application teams to assist with remediation of security gaps
Assist in monitoring organizational compliance with Application Security standards
Support the evaluation of new technologies and programming practices to facilitate application team secure adoption across the enterprise
Support ingesting application logs into SIEM and application monitoring and alerting systems to help build detections indicating possible application attacks and resiliency issues
Assisting the Incident Response team on application security investigations, where needed
Collaborating across Information Security to advocate for Application Security
Building custom tooling when none exists to enable software teams to embed security into their processes
Executing on the Application Security roadmap with the guidance of senior technical leaders
Qualifications:
Required Qualifications
Proven experience with one or more of the following development languages/platforms: Java, JavaScript, .NET/C#, Python, PHP/Laravel or CodeIngnitor
5yrs-8yrs of relevant experience
Preferred Qualifications
Familiarity with Application Security concepts
Understanding or previous experience in one or more of the following preferred:
- SDLC and DevSecOps concepts such as CI/CD pipelines
- Agile development concepts and methods such as Scrum or Kanban
- Container concepts and technologies, including Docker and Kubernetes
- OWASP Top 10
- Static or Dynamic code scanning and subsequent remediations
- Common application security controls, including WAF
- Common patterns for AuthN and AuthZ
- Experience in understanding the SCA/SAST/DAST Scanning process.
- Experience in understanding the scan results and share the tools agnostics to the application teams.
- Experience in creating dashboards and guide the application teams through the remediation process.
- Experience in Veracode a Plus.

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

To read and review this privacy notice click here

Top Skills

.Net/C#

Codeignitor

Docker

Java

JavaScript

Kubernetes

Laravel

Owasp

PHP

Python

Veracode

View all jobs at Cardinal Health

View Cardinal Health Profile

Report Job

Am I A Good Fit?

beta

Get Personalized Job Insights.

Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.

The Company

HQ: Dublin, OH

44,000 Employees

What We Do

Cardinal Health is a distributor of pharmaceuticals, a global manufacturer and distributor of medical and laboratory products, and a provider of performance and data solutions for healthcare facilities. With 50 years in business, operations in more than 35 countries and approximately 44,000 employees globally, Cardinal Health is essential to care.

We are navigating the complexities of healthcare and providing scaled solutions to help our customers thrive in a changing world. We strive to be a trusted healthcare partner by driving growth in evolving areas of healthcare, while building upon our distribution, products, and solutions to meet customer needs.