Security Jobs Near Me (Cardinal Health) – IT Security and Compliance Analyst

Website Cardinal Health

Job Description:

The Security and Compliance Analyst reports directly to the FUSE Security Officer and will be responsible for day to day activities in implementing the information security and compliance program. The individual will assist in maintaining audit and compliance initiatives to ensure policies, standards, procedures, and audit activities are in alignment with business, IT, and regulatory requirements. Success in the role will be measured by the effectiveness of the implementation and operation of information security and compliance directives.

The overall purpose of this role is to drive both information security and compliance initiatives. The individual will perform internal and external security compliance monitoring activities, manage client audits, IT control audits, and security risk assessments. This role will assist in the management compliance with industry best practice controls, regulations and frameworks such as NIST, HIPAA, FedRAMP, PCI, ISO27001, HITRUST, and internal policies and standards.


Job Responsibilities:

  • Oversee information security compliance activities, including daily, weekly, quarterly and/or annual security risk assessments – both performing internal assessments and responding to external assessments
  • Assist in response to security assessments and questionnaires
  • Establish and maintain security & controls policies and procedures in accordance with applicable regulations
  • Manage corrective action logs and ensure issues are assigned priority and closed out in a timely manner
  • Research new security compliance requirements and assist in the evaluation of compliance control requirements.
  • Report security control related metrics and effectiveness
  • Evaluate, design, test, and recommend new or improved controls to keep FUSE current with industry standards and compliance requirements.
  • Partner with leadership regarding information security risks, controls, and audit requirements.
  • Collaborate with organizational teams to design and deliver training initiatives that promote the development of staff
  • Any other duties that may be required as assigned

Job Requirements:

  • Solid working knowledge of governance frameworks including NIST, ISO27000, FedRAMP, PCI, and HITRUST
  • Experience participating in external security audits; SOC2 Type II and/or HITRUST preferred
  • Experience conducting needs assessments and identifying/implementing appropriate solutions
  • Must have unlimited work authorization in the United States with no requirement for future sponsorship.

Job Details:

Company: Cardinal Health

Vacancy Type:  Full Time

Job Location: Buffalo, NY, US

Application Deadline: N/A


Apply Here