Full-time
Sr. Information Security Analyst - McKesson - Dallas-Fort Worth, TX

Current Need McKesson Technology has an opening for a Sr Information Security Analyst. This position will be based in our Alpharetta, GA; Las Colinas, TX; or Scottsdale, AZ office. Position Description This position is part of McKesson’s Information Security and Risk Management (ISRM) team and is accountable for promoting and deploying information security capabilities and compliance across the business units and Enterprise IT organizations. As a McKesson Sr. Information Security Analyst , you will be a key member of our ISRM team. This position will work collaboratively Global ISRM Service owners to ensure solutions and services are adopted effectively in business units. The position works closely with stakeholders in Infrastructure, Operations, Applications, and Compliance management to ensure alignment to our Global service capabilities. This position will also help represent the ISRM team on various projects and boards. This position will also support and promote global governance and control measures, process improvements and efficiencies in support of the global organization in alignment with Global IT services. The candidate will be an enthusiastic advocate of the globally-led Information Protection Strategy, ensuring that all global initiates and services are appropriately adopted in the market, following our strategic principle of global oversight, local insight. Sr. Analyst Key Responsibilities will include: Lead a cross-functional team of enterprise and local BU service teams to execute and deliver against defined objectives and scorecard goals Acts as an Information Security subject matter expert on cross‐business unit projects and endorse recommended solutions; providing thought leadership; coaching and mentoring other analysts as required Participate in Scaled Agile planning and associated ceremonies, which includes working with the Security Architect and Solution teams to identify and convert customer needs into functional requirements, create a comprehensive and cross-functional roadmap, drive set value-added objectives and manage/prioritize backlog items Ensure enterprise information security program objectives and requirements are communicated and understood by local stakeholders Provide regular, timely reporting on Business Unit progress towards objectives and validate centralized reporting for alignment. Collaborate with network security and operations teams to implement appropriate security controls and protections (e.g. firewalls, IDS/IPS, etc.) Collaborate with application and infrastructure teams in understanding and driving critical vulnerabilities (all layers) to remediation Provide analysis and solution options and ensure remediation in the event of a Security incident or event Support the business and IT teams in responding to customer security requests and inquiries Gather information to develop and document security requirements from the perspective of compliance, best practices and emerging trends Attend meetings as applicable Manage security findings with applicable stakeholders within the GRC system. Work in a self-directed, collaborative, and constructive manner with the business units, and our internal stakeholders to enhance the effectiveness of security processes and controls. Ensure the implementation of Information Security initiatives meet Global security policies and standards Minimum Requirements Typically has 7+ years of experience Critical Skills 7+ years technology, consulting or information security related experience Ability to generate high quality solution documentation and establish performance metrics to manage solution effectiveness. Experience in risk assessment, GRC software, audit, and IT security assessments. Familiar with compliance regulations, IT, security frameworks and standards (i.e. NIST, HIPAA, PCI, SOX, HITRUST) Knowledge or experience with vulnerability management/scanning solutions. Strong analytical and troubleshooting skills with an understanding of IT business operations and information security. Experience with one of the following areas: Experience in threat modeling and recommending risk mitigation plans for identified gaps Experience with executing vulnerability scans, leveraging toolsets and methods such as Veracode, Twistlock, MPTs, and Rapid 7 Understanding of identity access management principles and technologies (e.g. MFA, privileged access management, SSO, etc.) Knowledge of networking concepts (e.g. TCP/IP, LANs, VLANs, routing/switching, WANs, firewalls)

Additional Knowledge & Skills Knowledge of the Scaled Agile framework. Knowledge of ITIL service methodology. Knowledge of the healthcare and software industries. CISSP or equivalent certification preferred. Project management skills preferred. Experience in manage security incidents. A solution-oriented mindset, with the ability to exercise good professional judgment. Strong communication and interpersonal skills to build/maintain ongoing business relationships within all organizational levels. Ability to work in a fast-paced and agile development environment in virtual teams across multiple geographies. Ability to anticipate needs and drive clarity on expectations. Ability to exercise professional judgment within defined procedures. Must be able to work effectively both on teams as well as be self-motivated, task oriented and organized. Strong customer focus and obsession with quality. Ability to work in a fast-paced and agile development environment. Education 4-year degree in computer science or related field or equivalent experience For Internal Use Only Career Level – P4 McKesson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to Disability_Accommodation@McKesson.com. Resumes or CVs submitted to this email box will not be accepted.Current employees must apply through internal career site.Join us at McKesson!

Expired, click here to search for relevant jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.