SIEM Engineer

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) is a global, integrated healthcare services and products company connecting patients, providers, payers, pharmacists and manufacturers for integrated care coordination and better patient management. Backed by nearly 100 years of experience, with more than 48,000 employees in nearly 60 countries, Cardinal Health ranks among the top 20 on the Fortune 500 , America's Most Innovative Companies #51,Fortune Sector Leaders : Health Care #5 with a $223 billion. of revenue in FY25

About Cardinal Health International India (CHII) :

Cardinal Health International India (CHII) is part of the Cardinal Heath

Cardinal Heath Global Technology and Business Services ( GTBS) team. CHII leverages technology to offer scalable and healthcare solutions to enhance efficiency and improve quality of care across the value chain. Our vision is to build a world class capability center that is an intersection of tech-innovation and learning, empowering our people to build solutions which will solve healthcare’s most complex challenges. 

Department overview:

Information Security and Risk Management (ISRM) at Cardinal Health enables Cardinal Health to securely deliver healthcare products and solutions that improve the lives of people every day by ensuring security and controls are embedded into Cardinal Health’s people, process and technology.

We boast tremendous opportunities to grow and apply technical skills to meet organizational needs, empowering talented team members who mentor and uplift others, led by leaders with a maniacal focus on employee development and well-being, dedicated training programs, and a fun and collaborative atmosphere.  

We currently have a career opening for a Cybersecurity SIEM Engineer on the Cybersecurity Platform Engineering team within our Information Security department.

About the role:

This role is part of the Information Security function for Cardinal Health International India Pvt Ltd (CHII). This role is responsible for onboarding and normalizing data sources from a variety of platforms, developing custom content including dashboards, apps, and addons for our SIEM platform. The right person for this role will be an individual with proven experience onboarding data and developing content for Splunk with a strong passion for Cybersecurity. Reporting to this role will be based on helix model, where you will report solid line to the local manager for your career development, benefits etc & dotted line to global manager for your statement of work

About the Team:

The Cybersecurity Platform Engineering team is the convergence between systems administration and cybersecurity to provide consistently reliable and available security platforms, while improving the operational efficiency and detection capabilities of cybersecurity operations through integrations, automation, and continuous improvement. We manage a wide range of cybersecurity platforms, build and manage security infrastructure, automate processes and develop custom integrations. 

Responsibilities: 

• Developing content, onboarding data, and integrating systems with our Security Information Event Management (SIEM)
• Building cloud native infrastructure including Linux servers, containers, and storage buckets
• Integration of platforms through APIs 
• Continuous optimization, tuning, and monitoring of platforms
• Working closely with Cyber Threat & Response
• Executing projects to improve the cybersecurity maturity of the organization
• Troubleshooting issues affecting internal customers
• Participation in POC/RFP by testing solutions or building test environments
• Mentor other members of the team

Qualifications

Required

• Experience onboarding data and developing content for Splunk
• Excellent Splunk query and dashboarding skills
• Proficient with Linux Operating Systems
• Experience working with APIs
• Experience with reading event logs from common IT and Security platforms
• Ability to collaborate with numerous teams and internal customers

Preferred (the following are a plus but not required) 

• Familiarity with security frameworks (MITRE ATT&CK, NIST CSF, etc.)
• Experience with Python
• Agile development experience
• General knowledge of networking, servers, cloud technologies, and firewalls.  
• Experience in a large enterprise environment (2000+ users) is a plus

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day. Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, ancestry, age, physical or mental disability, sex, sexual orientation, gender identity/expression, pregnancy, veteran status, marital status, creed, status with regard to public assistance, genetic status or any other status protected by federal, state or local law.

To read and review this privacy notice click here