This position is part of McKesson's Information Security and Risk Management (ISRM) team and is responsible for performing security assessments of our internal applications and 3rd party IT solutions and providing applicable teams with remediation guidance.
This position works collaboratively with Global ISRM Service owners to ensure solutions and services are adopted effectively in business units. The position works closely with stakeholders in Infrastructure, Operations, Applications, and Compliance management to ensure alignment to our Global service capabilities. This position also helps represent the ISRM team on various projects and initiatives.
Sr Information Security Analyst Key Responsibilities will include:
Conducts IT security assessments on internal and third-party products and platforms through the lifecycle of IT technologies operated and managed by McKesson business units
Articulates risks and business impact to stakeholders
Drafts and deliver detailed reports to stakeholders explaining issues and recommendations for remediation
Maintains required documentation
Participate in Scaled Agile planning and associated ceremonies
Acts as an Information Security subject matter expert on cross-business unit projects and endorses recommended solutions; providing thought leadership; coaching and mentoring other analysts as required
Remain up-to-date on security threats, vulnerabilities and mitigations set forth by McKesson Technology and ISRM to reduce the enterprise attack surface
Stay abreast of evolving technologies and areas of risk against the rapidly changing threat landscape as well as standards and compliance requirements
Typically has 7+ years of experience of professional experience in IT Security or Compliance including project management, requirements definition, data analysis and/or deployment of business requirements to information systems.
7+ years technology, consulting, or information security related experience.
Experience in risk assessment, GRC software, audit, and IT security assessments.
Familiar with compliance regulations, IT, security frameworks and standards (i.e. NIST, HIPAA, PCI, SOX, HITRUST).
Have a general understanding of security technologies, which may include: SIEM, DLP, IDS/IPS, firewalls, and many other security compliance controls.
Strong analytical and troubleshooting skills with an understanding of IT business operations and information security.
Must be able to work effectively both on teams as well as be self-motivated, task oriented and organized.
Additional Knowledge & Skills
Knowledge of the Scaled Agile framework.
Knowledge of ITIL service methodology.
Knowledge of the healthcare and software industries.
CISSP or equivalent certification preferred.
Project management skills preferred.
A solution-oriented mindset, with the ability to exercise good professional judgment.
Strong communication and interpersonal skills to build/maintain ongoing business relationships within all organizational levels.
Ability to work in a fast-paced and agile development environment in virtual teams across multiple geographies.
Ability to anticipate needs and drive clarity on expectations.
Strong customer focus and obsession with quality.
McKesson is an Equal Opportunity/Affirmative Action employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.
McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to McKessonTalentAcquisition@mckesson.com . Resumes or CVs submitted to this email box will not be accepted.
Current employees must apply through the internal career site.
We deliver careers with purpose and potential. Our focus on better health starts with creating an inclusive environment with strong values where you can build a fulfilling career. You can count on us to provide you with resources and opportunities to grow and be your best, while contributing to our pursuit of improving lives. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient. We work to distribute medical supplies, bandages, syringes, vials of flu vaccine, and pharmaceutical drugs to help real patients like Jack, an eight-year-old boy battling cancer. We take that job seriously. Together, the work we do is shaping the future of healthcare. If you are passionate about combining a meaningful career with a balanced life, join us on this journey and apply for a job with McKesson today. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient.