We are seeking a highly motivated and detail-oriented Security and Compliance Analyst to join our Data Office. In this role, you will report to the Data Office Security and Compliance Manager and will be instrumental in safeguarding our data assets by developing, implementing, and monitoring security controls, conducting thorough risk assessments, and ensuring adherence to relevant regulations and internal policies. You will play a key role in maintaining a strong security posture and fostering a culture of data protection within the organization.
Responsibilities:
- Control Development and Implementation: Assist in the design, development, and implementation of security controls to protect data assets across various platforms and environments.
- Risk Assessments: Conduct regular risk assessments to identify, analyze, and evaluate potential threats, vulnerabilities, and compliance gaps.
- Control Testing and Validation: Perform regular control testing and validation activities to ensure the effectiveness of implemented security measures and identify areas for improvement.
- Documentation and Maintenance: Support the development and maintenance of comprehensive documentation, including policies, procedures, standards, and guidelines related to data security and compliance.
- Compliance Reporting: Generate accurate and timely reports to demonstrate compliance with relevant regulations, standards, and internal policies.
- Access Provisioning: Participate in access provisioning processes, ensuring adherence to the principle of least privilege and segregation of duties.
- Cross-functional Collaboration: Collaborate effectively with cross-functional teams, including IT, Information Security, legal, Internal Audit, and business units, to address security and compliance issues and promote a unified approach to data protection.
- Threat and Vulnerability Management: Stay up-to-date on the latest security threats, vulnerabilities, and compliance requirements, and proactively recommend and implement measures to mitigate risks.
- Audit Support: Participate in internal and external security audits and investigations, providing necessary documentation and support to ensure successful outcomes.
- Compliance Issue Resolution: Monitor, manage, and resolve existing compliance issues, working with IT support staff to develop and implement mitigation strategies.
Qualifications:
- 2-5 years of experience in security and compliance, preferably within a data-focused environment, including hands-on experience with security controls development and implementation.
- Bachelor's degree in a related field, or equivalent work experience, preferred.
- Solid understanding and practical application of security frameworks and standards such as NIST, GDPR, HIPAA, SOX, and PCI DSS.
- Proven experience with risk assessment methodologies and frameworks, including risk assessment and management, and compliance reporting and documentation.
- Strong analytical and problem-solving skills, with the ability to assess complex IT systems, identify potential compliance gaps and risks, and apply data security best practices.
- Excellent communication and interpersonal skills, capable of effectively communicating technical concepts to non-technical audiences.
- Experience with data discovery and classification tools and techniques is a plus.
- Familiarity with cloud security principles and practices, as well as data governance frameworks, is highly desirable.
- Experience working with Data Lake and Data Lake House environments (e.g., BigQuery, Databricks) and analytical tools (e.g., Looker, Tableau, Alteryx) is a significant advantage.
- Knowledge of Machine Learning (ML) and Artificial Intelligence (AI) concepts and their compliance implications within the industry is beneficial.
- Relevant certifications such as CISSP, CISA, or CISM are highly desirable.
Anticipated salary range: $80,900 - $103,950
Bonus eligible: No
Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.
- Medical, dental and vision coverage
- Paid time off plan
- Health savings account (HSA)
- 401k savings plan
- Access to wages before pay day with myFlexPay
- Flexible spending accounts (FSAs)
- Short- and long-term disability coverage
- Work-Life resources
- Paid parental leave
- Healthy lifestyle programs
Application window anticipated to close: 01/17/2026. If interested in this opportunity, please submit your application as soon as possible.
The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.
Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.