Sr. Information Security Manager - Security Operations Center (SOC) Position Summary
We are seeking a Sr. Information Security Manager to join the McKesson Security Operations Center responsible for monitoring, detecting, triaging, and responding to security events and incidents in a 24 x 7 global environment.
Essential Duties and Responsibilities
Manage the day-to-day SOC Operations for North America.
Manage a team of SOC analysts to monitor for and respond to security events 24x7x365.
Supervise the SOC team, provide technical guidance, and engage with other teams within the Information Security and Risk Management organization.
Oversee all management activities related to SOC operations including people management, training, and mentoring to direct reports.
Leverage automation and orchestration solutions to automate repetitive tasks.
Review and update SOC policies and procedures on a continuous basis.
Develop metrics and scorecards to measure SOC effectiveness and efficiency of SOC team members.
Stay current with and remain knowledgeable about new threats. Analyze attacker tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
Utilize security models and frameworks for documenting and tracking purposes, (e.g. MITRE ATT&CK framework, Cyber Kill Chain (CKC) framework)
Partner with the security architecture, security engineering and security automation teams to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
Manage career development for team members, including training and mentoring, conducting performance reviews and exhibiting behaviors to be modeled by team members.
Skills and Experience
At least 7+ years of information security monitoring and response experience.
Experience managing people, including technical staff in a 24x7 operational environment.
Experience developing and mentoring information security analysts within a global security operations center.
Experience driving measurable improvements in monitoring and response capabilities at scale.
Experience identifying and creating high fidelity threat detections for Cloud and On-Prem environments.
Experience with Network Security, Endpoint Security (EPP/EDR), Security Analytics, Security Orchestration, Automation, and Response (SOAR), Security Event Management, and other DLP and other network and system monitoring tools.
Working collaboratively and engaging with multiple security teams and subject matter experts to include threat hunters, counter-threat intelligence analysts, incident responders and forensic investigators.
Assisting with incident response as events are escalated, including triage, containment, remediation, and documentation.
Knowledge of the healthcare, distribution, or software industries is a plus
Knowledge of regulatory requirements for NIST, PCI, ISO 27001, HIPAA, GDPR, HITRUST, FedRamp, etc.
Bachelor's Degree in Management Information Systems, Computer Science is preferred.
CISSP, CISM and/or SANS certification a plus.
Master's degree in Computer Security, Cybersecurity, etc.
Certifications related to security (such as Security+, GSEC, GCIH, GCIA, CISSP, NCSF, etc.)
McKesson is an Equal Opportunity/Affirmative Action employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.
McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to McKessonTalentAcquisition@mckesson.com . Resumes or CVs submitted to this email box will not be accepted.
Current employees must apply through the internal career site.
Join us at McKesson!
Internal Number: JR0046067
About McKesson Corporation
We deliver careers with purpose and potential. Our focus on better health starts with creating an inclusive environment with strong values where you can build a fulfilling career. You can count on us to provide you with resources and opportunities to grow and be your best, while contributing to our pursuit of improving lives. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient. We work to distribute medical supplies, bandages, syringes, vials of flu vaccine, and pharmaceutical drugs to help real patients like Jack, an eight-year-old boy battling cancer. We take that job seriously. Together, the work we do is shaping the future of healthcare. If you are passionate about combining a meaningful career with a balanced life, join us on this journey and apply for a job with McKesson today. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient.