Sr Analyst Information Security And Risk - Cyber Threat Intelligence

What Information Security And Risk Contributes To Cardinal Health

Information Technology oversees the effective development, delivery, and operation of computing and information services. This function anticipates, plans, and delivers Information Technology solutions and strategies that enable operations and drive business value.

Information Security and Risk develops, implements, and enforces security controls to protect the organizations technology assets from intentional or inadvertent modification, disclosure or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.

About The Role

As a P2 Senior Analyst supporting the Cyber Threat Intelligence (CTI) team, you will play a key role in maintaining and enhancing our enterprise security posture through the vetting and approval of URLs for business use and conducting open-source research to support threat intelligence initiatives. This role is ideal for a detail-oriented, analytical thinker with a passion for cybersecurity and a strong interest in threat research.

Key Responsibilities

• Review and analyze URL submissions for business use, applying security and reputational risk criteria to approve or deny requests.
• Conduct open-source intelligence (OSINT) research to support threat investigations and intelligence reporting.
• Maintain documentation and audit trails for whitelisting decisions.
• Collaborate with global CTI team members to support ongoing threat research and intelligence production.
• Assist in identifying emerging threats, trends, and vulnerabilities relevant to the healthcare sector.
• Contribute to the development and refinement of whitelisting processes and research methodologies.
• Support the creation of intelligence summaries and reports for internal stakeholders.
  
  

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field; or equivalent work experience.
• 1–2 years of experience in cybersecurity, threat intelligence, or a related field (internships or academic projects acceptable).
• Familiarity with OSINT tools and techniques (e.g., VirusTotal, URLScan, WHOIS, Shodan).
• Strong analytical and critical thinking skills.
• Excellent written and verbal communication skills in English.
• Ability to work independently and manage time effectively in a remote environment.
  
  

• Experience with URL filtering or whitelisting processes.
• Basic understanding of threat intelligence frameworks (e.g., Diamond, MITRE ATT&CK).
• Exposure to SIEM platforms (e.g., Splunk) and basic query writing.
• Familiarity with scripting languages (e.g., Python) or Excel for data analysis.
• Knowledge of the healthcare threat landscape or interest in learning.
  
  

• Opportunity to work with a Fortune 15 company in a mission-critical industry.
• Exposure to global cybersecurity operations and threat intelligence practices.
• Supportive and collaborative team environment.
• Professional development and training opportunities.