Application Security Engineer at Cardinal Health - Secure the Future of Healthcare in India

About Cardinal Health

Headquartered in Dublin, Ohio, Cardinal Health, Inc. (NYSE: CAH) stands as a global leader in integrated healthcare services and products. Connecting patients, providers, payers, pharmacists, and manufacturers, the company drives coordinated care and superior patient management. With nearly 100 years of experience, over 50,000 employees across nearly 60 countries, and a ranking among the top 20 on the Fortune 500, Cardinal Health is healthcare's most trusted partner.

In India, Cardinal Health is expanding its footprint, particularly in cutting-edge areas like cybersecurity. The Information Security organization is on an exciting growth trajectory, investing heavily in Application Security to embed security into every product and service delivered to customers.

Role Overview

As a foundational member of Cardinal Health's new Application Security team in IND07, India, the Application Security Engineer bridges software development and security. This full-time role demands balancing robust security with agile software delivery, leveraging your development expertise to protect healthcare applications. You'll collaborate with application teams, incident responders, and security architects in a fun, collaborative environment focused on employee well-being and technical excellence.

Key Responsibilities

The Application Security Engineer plays a pivotal role in operationalizing security across the enterprise. Core duties include:

• Implementing and configuring application security tools to safeguard development pipelines.
• Partnering with app teams to identify and remediate security vulnerabilities efficiently.
• Monitoring organizational adherence to Application Security standards and policies.
• Evaluating emerging technologies and programming practices to enable secure adoption enterprise-wide.
• Ingesting application logs into SIEM and monitoring systems to detect attacks and resiliency issues.
• Supporting Incident Response investigations related to application security incidents.
• Collaborating across Information Security to champion Application Security initiatives.
• Developing custom tools to integrate security seamlessly into software teams' workflows.
• Executing the Application Security roadmap under senior technical leadership.

Qualifications & Requirements

Required Qualifications

Candidates must bring proven experience with development languages/platforms such as Java, JavaScript, .NET/C#, Python, PHP/Laravel, or CodeIgniter. A minimum of 5-8 years of relevant experience is essential to hit the ground running in this dynamic role.

Preferred Qualifications

Ideal candidates possess familiarity with Application Security concepts and hands-on experience in:

• SDLC and DevSecOps, including CI/CD pipelines.
• Agile methodologies like Scrum or Kanban.
• Container technologies such as Docker and Kubernetes.
• OWASP Top 10 vulnerabilities.
• Static/Dynamic code analysis (SAST/DAST) and remediation.
• Application security controls like WAF, AuthN/AuthZ patterns.
• SCA/SAST/DAST scanning processes, interpreting results, creating dashboards, and guiding teams through remediation.
• Veracode experience is a significant plus.

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply. Cardinal Health champions an inclusive workplace celebrating diverse thoughts, experiences, and backgrounds.

Benefits & Perks

Joining Cardinal Health means accessing premium benefits tailored for high-performing professionals:

• Competitive salary estimated at INR 18-33 lakhs annually, reflecting healthcare sector rates with growth potential.
• Comprehensive health insurance and wellness programs prioritizing employee well-being.
• Dedicated training and development initiatives to sharpen technical skills.
• Flexible work options in a collaborative, fun atmosphere.
• Opportunities for global exposure within a Fortune 500 company.

Career Growth

Cardinal Health's Information Security team is built for rapid advancement. As a new Application Security team member, you'll work under leaders maniacally focused on development. Expect mentorship opportunities, technical deep dives, and a clear path to senior roles. The organization's investment in Application Security signals long-term commitment to your success in cybersecurity.

Why Join Us

Be part of healthcare's transformation at Cardinal Health. This role offers the chance to apply your software development prowess to real-world security challenges in a high-stakes industry. With a supportive culture, cutting-edge tools, and a mission to enable trusted partnerships, you'll thrive while making a tangible impact on patient care worldwide. IND07, India, positions you at the heart of our Asia-Pacific innovation hub.

Role FAQs

What experience level is required?

5-8 years in relevant development roles, with strong proficiency in listed languages.

Is prior AppSec experience mandatory?

Required: Development expertise. Preferred: AppSec knowledge, OWASP, scanning tools like Veracode.

What is the team structure?

Newly formed dedicated Application Security team, separate from Security Architecture, focused solely on app security.

How does this role support work-life balance?

Emphasis on well-being, collaborative culture, and flexible practices.

Apply today to secure healthcare's digital frontier with Cardinal Health!