The Manager of Information Security & Risk (Purple Team) at Cardinal Health leads the organization’s adversarial testing and detection validation efforts, bridging offensive and defensive security practices. This role involves building a robust Purple Team to continuously validate and enhance cyber defenses through real-world threat simulations and automated detection frameworks. Day-to-day responsibilities include defining strategic initiatives, providing technical guidance on attack simulation and detection pipelines, and fostering a collaborative team environment that prioritizes growth and sustainability. The ideal candidate possesses deep experience in offensive security, detection engineering, and leading inclusive teams, with expertise in automation-first approaches and agentic security capabilities. They must excel in complex enterprise settings, effectively communicating findings to both technical and non-technical stakeholders while ensuring compliance with regulatory requirements. Success is measured by the team’s ability to reflect current threat behaviors, drive improvements in detection and response, and promote sustainable operational excellence across the organization.
Lead Purple Team operations for adversarial emulation and detection validation, aligning with real-world threats and enterprise risk priorities.
Define and evolve the Purple Team strategy to drive automation-first and agentic security capabilities.
Provide technical guidance on attack simulation frameworks, detection pipelines, and telemetry quality.
Ensure Purple Team findings result in measurable improvements in detections, response playbooks, and platform resilience.
Establish repeatable processes for adversarial testing and detection validation that support regulatory needs.
What we're looking for
Deep experience in offensive security and detection engineering.
Proven technical leadership in attack simulation and validation.
Strong track record of leading high-performing, inclusive teams.
Expertise in implementing detection-as-code and automated validation.
Background in large-scale enterprise or cloud environments.
Ability to translate complex security outcomes into business risk.
Effective communication with both technical and non-technical stakeholders.
Market check
Salary context
This
$123,400–$193,930
range sits above
49%
of similar postings on FindRole.
Peer median band
$121,550–$199,500
Median floor and ceiling across peers.
Typical midpoint (25–75%)
$142,400–$185,945
Middle half of comparable postings.
Based on 239 comparable postings.*
* 240 is the maximum number of comparable postings sampled.
Employer
About Cardinal Health
Cardinal Health is a global healthcare services and products company specializing in pharmaceutical distribution, medical products, and supply chain solutions for healthcare providers and pharmacies. Industry: Healthcare Distribution & Services
Cardinal Health currently has
32 open roles
on FindRole.
Listed pay typically runs
$105,100–$150,100
across 32 roles with salary data.