Job Description
What Cybersecurity Defense contributes to Cardinal Health Cybersecurity Defense focuses heavily on threat detection, incident response, and implementing security measures to protect our digital assets and infrastructure at Cardinal Health . The Director, Application Security is responsible for establishing, leading, and evolving the enterprise application security strategy to embed security into the software development lifecycle (SDLC) and reduce application-layer risk across the business segments. This leader ensures that applications and APIs are designed, developed, and deployed in alignment with security policies & standards, regulatory requirements, and risk management objectives. This Director oversees segment-aligned application security capabilities across Pharma, Medical, and Commercial Technology environments, enabling consistent governance, scalable processes, and effective risk mitigation across diverse application portfolios. Location - Open to candidates nationwide working in a fully remote capacity, with preference towards those based local to Central Ohio (willingness to travel into our Corporate HQ in Dublin, OH during certain period of the year is a plus) Responsibilities Lead the enterprise application security strategy aligned with cybersecurity, risk management, and business objectives. Establish governance frameworks to embed security into the software development lifecycle (SDLC) across all application domains. Collaborate with enterprise architecture, engineering, and product teams to align application security with technology strategies and transformation initiatives. Serve as an advisor to executive and business leadership on application security risks, priorities, and investment decisions. Drive a secure-by-design culture across development and engineering teams. Oversee application security capabilities across Pharma, Medical, and Commercial Technology segments, ensuring consistent implementation of security practices. Define segment-spe
