Director, Cyber Detection & Response

Cardinal Health · Remote (United States)
Software Development

WFA Digital Insight

As the remote job market continues to evolve, demand for skilled cybersecurity professionals has grown exponentially, with a 25% increase in job postings over the past year. The Director, Cyber Detection & Response role at Cardinal Health stands out for its emphasis on proactive defense strategies and continuous improvement of detection and response capabilities. With the rise of remote work, companies are looking for experts who can safeguard their digital assets and infrastructure. Candidates should have a strong background in cybersecurity, experience with Security Operations Center (SOC) operations, and a keen understanding of threat intelligence and incident response. Before applying, it's essential to stay up-to-date on the latest cybersecurity trends and technologies, such as SIEM platforms and threat modeling activities.

Job Description

About the Role

The Director, Cyber Detection & Response is a critical leadership position responsible for establishing, leading, and continuously enhancing Cardinal Health's cybersecurity detection, monitoring, and incident response capabilities. This role plays a vital part in driving proactive defense strategies, improving detection and response capabilities, and ensuring alignment with risk and resilience objectives. The successful candidate will have a deep understanding of cybersecurity principles, threat intelligence, and incident response, as well as experience in managing Security Operations Center (SOC) operations. The Director will work closely with various stakeholders, including cybersecurity, IT, legal, and business teams, to ensure effective coordination of incident response efforts. The Director, Cyber Detection & Response will also be responsible for overseeing the development and optimization of detection use cases, analytics, and monitoring strategies to improve visibility across the environment. As a leader in the cybersecurity field, the Director, Cyber Detection & Response will be expected to stay up-to-date on the latest cybersecurity trends and technologies, and to continuously assess and improve the company's cybersecurity posture.

What You Will Do

  • Develop and lead the cybersecurity detection and response strategy aligned with enterprise risk, threat landscape, and business priorities
  • Establish governance frameworks and operating models for SOC, incident response, and threat management functions
  • Serve as an advisor to leadership on threat trends, detection capabilities, and response readiness
  • Drive continuous improvement of detection and response capabilities to address evolving threats and business needs
  • Oversee SOC operations, including security logging, monitoring, alerting, and incident triage across the environment
  • Oversee effective use of SIEM platforms to analyze correlated events, detect anomalies, and escalate potential incidents
  • Lead the development and optimization of detection use cases, analytics, and monitoring strategies to improve visibility across the environment
  • Oversee monitoring capabilities across IT and OT environments, ensuring coverage of critical systems and infrastructure
  • Lead detection engineering and security tooling functions, including SIEM, SOAR, EDR, UEBA, and DLP capabilities
  • Oversee the definition and implementation of use cases, rules, and configurations to improve automated detection, investigation, and response workflows
  • Drive optimization and integration of security tools to enhance operational efficiency and reduce false positives

What We Are Looking For

  • 8+ years of experience in cybersecurity, with a focus on threat detection, incident response, and security operations
  • Proven track record of leading and managing cybersecurity teams, including Security Operations Center (SOC) operations
  • Strong understanding of cybersecurity principles, threat intelligence, and incident response
  • Experience with SIEM platforms, threat modeling activities, and security tooling functions
  • Excellent leadership and communication skills, with the ability to advise senior leadership on cybersecurity matters
  • Strong analytical and problem-solving skills, with the ability to drive continuous improvement of detection and response capabilities
  • Experience with cloud-based security solutions and DevOps practices

Nice to Have

  • Experience with machine learning and artificial intelligence in cybersecurity
  • Knowledge of regulatory requirements, such as HIPAA and PCI-DSS
  • Experience with security orchestration, automation, and response (SOAR) tools
  • Certification in cybersecurity, such as CISSP or CISM

Benefits and Perks

  • Competitive salary and benefits package
  • Opportunity to work with a leading healthcare company
  • Collaborative and dynamic work environment
  • Professional development opportunities, including training and certification programs
  • Flexible working hours and remote work options
  • Access to cutting-edge cybersecurity tools and technologies
  • Recognition and reward programs for outstanding performance
  • Comprehensive health and wellness programs, including mental health support and employee assistance programs
  • Generous paid time off and holiday schedule
  • Retirement savings plan with company match
  • Employee stock purchase plan
  • Life insurance and disability benefits
  • Employee discounts and perks, including travel and entertainment discounts

How to Stand Out

  • Ensure your resume and cover letter are tailored to the cybersecurity industry, highlighting your experience with threat detection, incident response, and security operations.
  • Develop a strong understanding of SIEM platforms, threat modeling activities, and security tooling functions, and be prepared to discuss your experience with these technologies.
  • Practice your communication skills, as the ability to advise senior leadership on cybersecurity matters is a critical aspect of this role.
  • Be prepared to discuss your experience with cloud-based security solutions, DevOps practices, and machine learning and artificial intelligence in cybersecurity.
  • Research Cardinal Health's cybersecurity posture and be prepared to discuss how you can contribute to the company's proactive defense strategies and continuous improvement of detection and response capabilities.
  • Consider obtaining certifications in cybersecurity, such as CISSP or CISM, to demonstrate your expertise and commitment to the field.
  • Prepare examples of your experience with security orchestration, automation, and response (SOAR) tools, and be ready to discuss your approach to driving operational efficiency and reducing false positives.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere.