The Manager, Information Security & Risk (Purple Team) leads the organization’s adversarial testing, attack simulation, and detection validation capabilities. This role sits at the intersection of offensive and defensive security, partnering closely with Incident Response, Threat Intelligence, Detection Engineering, Platform Engineering, and Application Security to continuously validate and strengthen Cardinal Health’s cyber defenses.
This leader is accountable for building and operating a highly effective Purple Team while guiding the organization through a transformational evolution toward automation-first, detection-as-code, and emerging agentic security capabilities. The role requires deep technical credibility, strong people leadership, and the ability to translate complex security outcomes into actionable improvements aligned to business risk
Lead Purple Team operations across adversarial emulation, penetration testing, detection validation, and control assurance, ensuring activities reflect real-world threat actor behavior and enterprise risk priorities.
Define and evolve the Purple Team strategy and roadmap, including scope, cadence, and success metrics for adversarial exercises and detection testing.
Drive the transition toward detection-as-code, automated validation, and agentic security workflows in partnership with SOC and platform teams.
Provide hands-on technical guidance across attack simulation frameworks, detection pipelines, logging validation, and telemetry quality.
Ensure Purple Team findings lead to measurable improvements in detections, response playbooks, logging coverage, and platform resilience.
Recruit, develop, and lead a diverse and inclusive Purple Team with a strong focus on mentoring, growth, and sustainable operations.
Foster an environment of psychological safety, collaboration, and continuous learning while maintaining high technical standards.
Balance hands-on technical leadership with effective delegation, prioritization, and long-term capacity planning.
Coach engineers to grow from task execution into systems thinking, automation design, and cross-functional influence.
Partner with Incident Response, Threat Intelligence, Detection Engineering, Platform Engineering, and Application Security to align adversarial testing with active threats and evolving architectures.
Serve as a trusted advisor to security and technology leaders on adversarial risk, detection gaps, and assurance maturity.
Communicate Purple Team outcomes clearly to technical and non-technical stakeholders, translating findings into risk-informed decisions.
Establish repeatable, well-governed processes for adversarial testing, detection validation, and post-exercise follow-through.
Ensure Purple Team activities support regulatory, audit, cyber insurance, and customer assurance needs where applicable.
Track outcomes, trends, and coverage gaps to inform continuous improvement and executive reporting.
Deep experience in offensive security, detection engineering, Purple Team operations, or related cyber disciplines.
Demonstrated technical leadership across attack simulation, detection validation, and security automation.
Proven experience leading inclusive, high-performing technical teams.
Strong communication and influencing skills across engineering, leadership, and business stakeholders.
Ability to operate effectively in complex, matrixed enterprise environments and through transformation.
Experience implementing detection-as-code, automated validation frameworks, or agentic security capabilities.
Background supporting large-scale enterprise, cloud, or M&A integration environments.
Ability to translate adversarial testing outcomes into measurable risk reduction.
What is expected of you and others at this level
Manages department operations and supervises professional employees, front line supervisors and/or business support staff
Participates in the development of policies and procedures to achieve specific goals
Ensures employees operate within guidelines
Decisions have a short term impact on work processes, outcomes and customers
Interacts with subordinates, peers, customers, and suppliers at various management levels; may interact with senior management
Interactions normally involve resolution of issues related to operations and/or projects
Gains consensus from various parties involved
Adversarial emulations reflect current and emerging threat actor behaviors.
Detection and response improvements are directly traceable to Purple Team findings.
Automation and agentic capabilities increase coverage while reducing manual effort.
Team members show strong technical growth, engagement, and clear development paths.
Security partners actively seek Purple Team input on architecture and operational decisions.
Anticipated salary range: $123,400 - $193,930
Bonus eligible: Yes
Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.
Medical, dental and vision coverage
Paid time off plan
Health savings account (HSA)
401k savings plan
Access to wages before pay day with myFlexPay
Flexible spending accounts (FSAs)
Short- and long-term disability coverage
Work-Life resources
Paid parental leave
Healthy lifestyle programs
Application window anticipated to close: 6/4/2026 *if interested in opportunity, please submit application as soon as possible.
The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.
Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.
To read and review this privacy notice click here