Product Leadership: Act as the primary Product Owner for the Immuta platform, managing the product backlog, defining user stories, and prioritizing features that align with the Data Office's strategic roadmap.
Policy & Workflow Development: Design, implement, and manage robust data access policies, controls, and workflows within Immuta to ensure secure, least-privilege access to sensitive data assets.
Access Governance: Establish and oversee the end-to-end data access lifecycle, ensuring all access provisioning is fully auditable and holds the necessary business and security approvals.
Cross-Functional Collaboration: Partner closely with a wide array of key stakeholders across Information Security, Data Engineering, Data Governance, Business Data Owners, Audit, and Compliance teams to capture requirements and ensure data access strategies meet enterprise standards.
Audit & Compliance Support: Assist internal and external audit teams by providing clear documentation, reporting, and evidence of access controls, workflows, and policy enforcement.
Requirements
8-12 years of experience, preferred
Bachelor's degree in related field, or equivalent work experience, preferred
Exceptional Attention to Detail: Proven track record of managing complex logic, building granular rulesets, and maintaining flawless documentation. You are someone who naturally double-checks configurations and anticipates edge cases.
Domain Expertise: Strong foundational knowledge of Information Security principles and Identity and Access Management (IAM) best practices.
Regulatory Knowledge: Strong familiarity with major data privacy and security regulations, particularly HIPAA, SOX, and GDPR, is highly preferred.
Stakeholder Management: Excellent communication and collaboration skills, with a proven ability to translate complex compliance requirements into actionable technical workflows for engineering teams.
Technical Acumen: Previous experience working with data platforms, data governance tools, or access management systems (experience specifically with Immuta is a significant plus).
Experience with data discovery and classification tools and techniques.
Experience with cloud security principles and practices.
Familiarity with data governance frameworks.
Experience working with Data Lake and Data Lake House environments such as Big Query, and Databricks.
Knowledge of ML and AI concepts and compliance implications for ML/AL in the industry
Relevant certifications such as CISSP, CISA, or CISM are highly desirable.
Anticipated salary range: $105,100 - $150,100
Bonus eligible: Yes
Benefits: Cardinal Health offers a wide variety of benefits and programs to support health and well-being.
Medical, dental and vision coverage
Paid time off plan
Health savings account (HSA)
401k savings plan
Access to wages before pay day with myFlexPay
Flexible spending accounts (FSAs)
Short- and long-term disability coverage
Work-Life resources
Paid parental leave
Healthy lifestyle programs
Application window anticipated to close: 08/04/2026 *if interested in opportunity, please submit application as soon as possible.
The salary range listed is an estimate. Pay at Cardinal Health is determined by multiple factors including, but not limited to, a candidate's geographical location, relevant education, experience and skills and an evaluation of internal pay equity
Candidates who are back-to-work, people with disabilities, without a college degree, and Veterans are encouraged to apply.
To read and review this privacy notice
Benefits
Health insuranceDental insuranceVision insurance401(k)Flexible scheduleEquity / stock optionsPerformance bonusParental leave
Additional Information
We are seeking an experienced and highly analytical Product Owner to lead the strategy, configuration, and continuous improvement of our data access management platform, Immuta. In this role, you will be responsible for translating security, privacy, compliance, and governance requirements into scalable access policies and workflows. You will serve as the crucial bridge between technical execution and compliance, ensuring that all data access provisioned is appropriate, strictly governed, routed through the proper approval channels, and auditable.
Cardinalhealth · Nationwide Field