Senior Analyst, IT Business Solutions

What Application Development & Maintenance contributes to Cardinal Health

Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.

Application Development & Maintenance performs configuration or coding to develop, enhance and sustain the organization's software systems in a cross-functional team environment through adherence to established design control processes and good engineering practices. This job family programs and configures end user applications, systems, databases and websites to achieve the organization's internal needs and externally-facing business needs. Application Development & Maintenance partners with business leaders, investigates user needs and conducts regular assessments, maintenance and enhancements of existing applications.

Job Summary
The job will be supporting mostly the WaveMark™ Supply Management & Workflow Solutions which is a SaaS solution enabling healthcare providers and manufacturers to effectively manage supplies with market-leading innovative technology. WaveMark leverages a portfolio of advanced hardware (e.g., RFID) and cloud-based software including an analytics platform providing full visibility and control of all supplies from low-cost commodities to high-cost devices and implants. Our global footprint and continuous innovation deliver the most cost effective and workflow efficient patient care possible.

The IT Analyst plays a critical role in protecting the organization’s digital assets by working cross-functionally to design, implement, monitor, and enforce security processes and procedures. This position collaborates with software and hardware engineering, compliance, and other business units to ensure robust security practices are integrated across applications and operations. The analyst is responsible for developing and implementing mitigation strategies and maintaining compliance with industry standards and regulations.

Responsibilities:

• Application Portfolio Management (APM):
• Manage and maintain APM records (Wavemark, MarginAnalysis), ensuring data accuracy.
• Track APM resiliency deadlines and update relevant systems (worksheets, ServiceNow).
• Monitor Archer dashboards for upcoming deadlines and past-due remediations.
• Facilitate status calls with stakeholders regarding application resiliency, exemptions, and remediation.
• Collaborate with IT and business teams for APM record updates and reporting.
• Application Security & Compliance:
• Analyze security threats, vulnerabilities, and audit findings to prioritize remediation.
• Collaborate with product management and development teams to plan and schedule security fixes that align with business objectives.
• Support the integration of application logs into the SIEM and develop monitoring and alerting systems to detect potential application attacks and resiliency issues.
• Develop and implement testing/validation processes for security system effectiveness.
• Ensure adherence to enterprise security processes, business, regulatory, and legal requirements.
• Assist in security incident response using SIEM and other detection platforms.
• Review policies, procedures, system designs, and security controls against frameworks (e.g., NIST Cybersecurity Framework).
• Support implementation and configuration of application security tools.
• Monitor and ensure compliance with established application security standards.
• Assist the Incident Response team with application security investigations.
• Develop custom tools to help software teams embed security into their development processes when off-the-shelf solutions are unavailable.

Qualifications

• 2-4 years of experience, preferred
• Bachelor's degree in related field, or equivalent work experience, preferred
• Knowledge of SDLC and DevSecOps concepts such as CI/CD pipelines preferred
• Experience with common application security controls including WAF preferred
• Understanding of standard security control frameworks, including NIST Cybersecurity Framework (800-53) preferred
• Strong analytic, troubleshooting skills; can problem solve, organize, and manage multiple tasks and projects in a health information system environment preferred
• Able to stay objective and independent when completing assignments and consistently demonstrate the ability to hold information in confidence preferred
• Ability to learn new software and hardware packages and adapt to changes in technology preferred.
• Strong technical, process, and interpersonal skills to effectively analyze information systems, research and validate risks preferred.
• Knowledge of common patterns for AuthN and AuthZ preferred
• Experience in understanding SCA/SAST scan results and working with development teams to establish remediation plans preferred
• Experience in creating dashboards in Splunk, Rapid7 or other equivalent tools to measure and guide application security work preferred
• Experience with Veracode preferred
• One or more Information Security Certifications preferred: CISSP, CISM, CCSP, CISA preferred

What is expected of you and others at this level

• Applies working knowledge in the application of concepts, principles and technical capabilities to perform varied tasks
• Works on projects of moderate scope and complexity
• Identifies possible solutions to a variety of technical problems and takes action to resolve
• Applies judgment within defined parameters
• Receives general guidance and may receive more detailed instruction on new projects
• Work reviewed for sound reasoning and accuracy

Anticipated salary range: $80,500 - $103,410

Bonus eligible: No

Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.

• Medical, dental and vision coverage

• Paid time off plan

• Health savings account (HSA)

• 401k savings plan

• Access to wages before pay day with myFlexPay

• Flexible spending accounts (FSAs)

• Short- and long-term disability coverage

• Work-Life resources

• Paid parental leave

• Healthy lifestyle programs

Application window anticipated to close: 01/24/2026

*if interested in opportunity, please submit application as soon as possible.

The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate’s geographical location, relevant education, experience and skills and an evaluation of internal pay equity.

Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.

Cardinal Health supports an inclusive workplace that values diversity of thought, experience and background. We celebrate the power of our differences to create better solutions for our customers by ensuring employees can be their authentic selves each day.