Data Protection Engineer

Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.

Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 50,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500.

We currently have a full-time job opening for an Experienced Engineer on the Data Protection team. This position can be either at our Dublin center or remote.

The Experienced Data Protection Engineer will assist the manager of the data protection team at Cardinal Health. This engineer will also work with the tech lead to architect, design, and support technology solutions for protecting data in motion and especially for data at rest. This may include the need to use Data Loss Prevention (DLP) tools, our Cloud Access Security Broker (CASB), email security tools or others. This engineer will also play a role in supporting key leadership requests as the data protection program is developed and continually aligned with the changing technological landscape as well as industry evolutions and trends.

• Assist in the design and support of data protection technology advancements/developments.
• Assist fellow engineers in supporting GCP Big Query initiatives inclusive of scan configurations and reporting in GCP.
• Manage policies and configuration of data protection technology rule sets per program requirements and leadership requests.
• Help drive CASB integrations and the overall advancement of company data at rest initiatives in relevant environments and applications.
• Partner with the manager and technical lead to provide security expertise to corporate, market segments and IT teams.
• Provide consultation and implement appropriate DLP security and monitoring controls in support of relevant M&A activities and Zero Trust discussions.
• Take a central role in defining and then implementing requested security controls to enable delivery of the Data protection road map initiatives.
• Support the technical lead and manager in collaboration across Information Security, Data governance and business units to aid in the development, growth, and evolution of our security culture.
• Participate in relevant/daily DLP event remediation activities and help drive automated tasks of relevant DLP detections in collaboration with analysts.
• Participate in corporate policy updates and developments.
• Take an active role in supporting relevant POC efforts for new technologies.

• Prior experience with industry tools, especially CASB and email encryption technologies.
• Prior experience leveraging/configuring XSOAR solutions towards event and incident remediation in DLP.
• Prior exposure and usage of GCP-native security controls.
• Proficient with query development and understanding of SIEM solutions.
• Solid understanding of Zero Trust principles and best practices relating to the data pillar.
• Demonstrated Information Security understanding and specifically industry best practices for the development of data protection processes.
• One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA, SSCP or similar
• Bachelor’s Degree in related field or equivalent work experience
• At least 6-8 years of experience working with data protection technologies preferred.

• Provides general guidance on new technical requests and tasks
• Recommends new practices, processes, metrics, or models
• Acts as a mentor to less experienced colleagues
• Strong understanding of data protection technologies for both in motion and at rest detection.
• Ability to work interdependently and provide consultative recommendations on best practices.
• Ability to align program developments with organizational priorities through an understanding of processes and technologies.

Anticipated salary range: $93,500 - $140,280

Bonus eligible: No

Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

• Medical, dental and vision coverage
• Paid time off plan
• Health savings account (HSA)
• 401k savings plan
• Access to wages before pay day with myFlexPay
• Flexible spending accounts (FSAs)
• Short- and long-term disability coverage
• Work-Life resources
• Paid parental leave
• Healthy lifestyle programs

Application window anticipated to close: 10/15/2025. If interested in opportunity, please submit application as soon as possible.

The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

Cardinal Health is committed to protecting your privacy. To review our privacy policy, please refer to Cardinal Health’s online privacy notice in the application portal.