Cyber Operations Manager

The Cyber Operations Manager is responsible for leading the organization's adversarial testing, attack simulations, and validation of detection capabilities. This dynamic position operates at the intersection of offensive and defensive cybersecurity, closely collaborating with teams such as Incident Response, Threat Intelligence, Detection Engineering, Platform Engineering, and Application Security to reinforce and validate Cardinal Health’s cybersecurity defenses.

This role is essential for establishing and managing a highly effective Purple Team while guiding the organization towards an automated, detection‑as‑code framework and innovative security capabilities. Candidates should possess profound technical expertise along with strong leadership skills, enabling them to translate complex security metrics into actionable strategies aligned with business risks.

• Direct Purple Team operations encompassing adversarial emulation, penetration testing, detection validation, and assurance of controls, ensuring alignment with real‑world threat actor profiles and enterprise risk priorities.
• Define and enhance the Purple Team strategy and roadmap, establishing scope, cadence, and metrics for adversarial exercises and detection testing.
• Champion the transition toward automation, integrating detection‑as‑code and agentic security processes in partnership with SOC and platform teams.
• Provide hands‑on technical mentorship across attack simulation frameworks, detection processes, logging validation, and telemetry quality assurance.
• Ensure that Purple Team findings contribute to substantial improvements in detection capabilities, response protocols, logging accuracy, and platform robustness.

• Recruit, nurture, and lead a diverse and inclusive Purple Team focused on mentoring, professional growth, and sustainable operations.
• Encourage a culture of psychological safety, collaboration, and continuous learning while upholding high technical standards.
• Skillfully balance hands‑on leadership with effective delegation and long‑term capacity planning.
• Guide engineers in advancing from task execution to systems thinking, automation development, and fostering collaboration across functions.

• Collaborate with Incident Response, Threat Intelligence, Detection Engineering, Platform Engineering, and Application Security to align adversarial testing with current threats and architectural changes.
• Act as a trusted advisor to security and technology leaders regarding adversarial risks, detection deficiencies, and assurance maturity.
• Clearly communicate Purple Team outcomes to both technical and non‑technical stakeholders, translating findings into informed risk management decisions.

• Establish repeatable, well‑governed processes for adversarial testing, detection validation, and the effective follow‑up after exercises.
• Ensure Purple Team activities meet the necessary regulatory, audit, cyber insurance, and customer assurance requirements where relevant.
• Monitor outcomes, trends, and gap areas to drive continuous enhancements and provide executive reporting.

• Extensive experience in offensive security, detection engineering, Purple Team operations, or related cyber fields.
• Demonstrated expertise in leading technical projects related to attack simulation, detection validation, and security automation.
• Proven track record of managing diverse and high‑performing technical teams.
• Outstanding communication and influencing capabilities across engineering, leadership, and business realms.
• Aptitude to function efficiently within complex enterprise environments and navigate transformative changes.
• Experience in implementing detection‑as‑code, automated testing frameworks, or agentic security solutions.
• Background in supporting large‑scale enterprise, cloud, or M&A integration environments.
• Ability to translate adversarial testing outcomes into measurable risk mitigation strategies.

• Management of department operations with supervision of professional employees and support staff.
• Active participation in formulating…