McKesson is looking for a Senior Information Security Analyst in the Information Security & Risk Management organization. This individual contributor is expected to possess strong analytical, process management, and communication skills. The role is tasked with driving and executing critical programs that govern and ensure compliance with McKesson's policies, applicable regulations, and controls.
The Senior Information Security Analyst is experienced with delivering enterprise IT security and compliance programs, including but not limited to:
IT audit support including the management and tracking of remediation plans
NIST and HITRUST control frameworks, ISO 27001 / SOC 1/2
Global Regulatory Compliance, including GDPR, CCPA, HIPAA, PCI, SOX, PIPEDA
Data protection, classification, handling, and retention
KPI/data/scorecards around risks, control gaps, progress - leverage analytics for trending and identification of systemic themes
The ideal candidate will have Fortune 1000 experience with demonstrated success in assisting IT information security, especially delivering with compliance programs. The successful candidate must have a proven ability to:
Partner and collaborate with leadership, cross-functional teams, and stakeholders across the enterprise, displaying strong influencing skills to work with various service and capability owners
Demonstrate strong communications and analytical skills, and be comfortable getting up to speed quickly on technical, security related content
Display analytical and planning skills necessary to manage key stakeholders for the implementation or improvement of information security controls
Prioritize and execute tasks with competing priorities
Develop the strategy and define metrics for management reviews cross functionally
Manage the analysis of critical information security processes, documentation and service delivery models; facilitate remediation of known issues resulting from gap analysis
Due to the nature of this role interfacing with all levels of the organization, cross-functional stakeholders, both business and technology partners, we are looking for an experienced professional who brings well rounded experience.
Typically has 7+ years of professional experience in IT Security or Compliance including project management, requirements definition, data analysis and/or deployment of business requirements to information systems.
7+ years in IT, Information Security Services, Security Operations, Information Systems Services, Data Protection, IT Deployment, and/or IT Compliance
Risk assessment, audit, and IT security assessments
Self-starter with a drive to continuously improve processes and remove inefficiencies
Interfacing with vendors, shared services owners, architecture, engineers and system owners to drive control capabilities to meet policy and regulatory compliance requirements
Have a general understanding of security technologies, which may include: SIEM, DLP, IDS/IPS, firewalls, and many other security compliance controls
Strong ability to influence or negotiate with stakeholders dealing with competing priorities
A balanced and strong communicator, calm, collected, organized, empathetic, who approaches situations thoughtfully
Ability to take information from many sources and put it in context for the proper audience to provide insightful and unique compromises or solutions
Capable of anticipating needs and driving clarity on expectations
A solution-oriented mindset, with the ability to exercise good professional judgment
CISA, CISSP or other similar professional designations
Education 4-year degree in computer science, information systems, or related field or equivalent experience preferred
McKesson is an Equal Opportunity/Affirmative Action employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.
McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to McKessonTalentAcquisition@mckesson.com . Resumes or CVs submitted to this email box will not be accepted.
Current employees must apply through the internal career site.
Join us at McKesson!
Internal Number: JR0044039
About McKesson Corporation
We deliver careers with purpose and potential. Our focus on better health starts with creating an inclusive environment with strong values where you can build a fulfilling career. You can count on us to provide you with resources and opportunities to grow and be your best, while contributing to our pursuit of improving lives. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient. We work to distribute medical supplies, bandages, syringes, vials of flu vaccine, and pharmaceutical drugs to help real patients like Jack, an eight-year-old boy battling cancer. We take that job seriously. Together, the work we do is shaping the future of healthcare. If you are passionate about combining a meaningful career with a balanced life, join us on this journey and apply for a job with McKesson today. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient.