Business Systems Analyst
Tulsa , Oklahoma
January 10, 2017

McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. McKesson Health Solutions delivers industry-leading clinical evidence and expert technology to help payers and providers collaborate for better healthcare outcomes at lower costs. Our solutions reduce unnecessary healthcare utilization while improving outcomes; operationalize complex volume- and value-based payment models; and optimize billing communication between providers, patients and payers. Our solutions are in more than four out of five payers in the country; more than 3,900 hospitals and facilities use our InterQual® evidence-based decision support criteria; and our RelayHealth® financial solutions are used to automate 1.9 billion financial transactions each year.

We understand the importance of a system that works together. Your expertise, drive and passion can help us carry out our mission to improve lives and advance healthcare.

Join our team of leaders to begin a rewarding career.

Current Need
The MHS IT Operations business unit is seeking a Security Analyst with Splunk Enterprise Security experience.  This position will be responsible for monitoring and responding to Splunk Enterprise Security alerts and events that indicate a potential problem within the IT Operations environments.  Remediation could involve direct action or following up with the appropriate product or technical experts.  This position will also be responsible for creating new Splunk ES monitors and working with the various IT Operations teams to define and document monitoring processes and actions. 

Position Description
  • Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
  • Actively monitors alerts generated by the Splunk Enterprise Security application and determines appropriate response and action
  • Participate in Security Incident Response Team meetings and projects
  • Responds quickly, efficiently, and in a professional manner with the appropriate business area or security personnel
  • Researches and follows through on security related investigations identified by Splunk ES
  • Create a detailed final incident report with root cause analysis for all valid security incidents
  • Continually communicate with internal stakeholders and Security Operations team
  • Assists in the maintenance and support of existing Splunk Enterprise Security configuration and alerts and is actively involved in identifying additional opportunities and creating new ES searches and alerts
  • Tuning Splunk ES security monitoring rules/alerts/reports
  • Highlight and integrate areas for input into Splunk
  • Participate in project team meetings and assist in crafting indicators, metrics and projects as necessary
  • Remain calm and professional under stress
  • Interacts face to face, via telephone, e-mail, as well as remotely to support IT Operations and other MHS members
  • Collaborates effectively with on-site co-workers as well as all other McKesson team members daily to maintain a positive work environment
  • Documents processes and procedures
  • Adheres to all McKesson and customer policies, standards and Best Practices
  • May be assigned 24/7 on-call responsibilities and/or work flexible hours as needed
  • May be assigned tasks as needed to meet the needs of McKesson and the Customer
  • May be assigned tasks that must be performed during off peak hours


Minimum Requirements
  • 2+ years experience in business analysis, requirements definition and deployment of business requirements to information systems.

Critical Skills
  • Solid working knowledge of Splunk 6.0 or higher
  • Experience with Splunk Enterprise Security
  • Comfortable working in a Linux environment
  • Understanding of Networking
  • Effective communication skills both written and verbal
  • Professional level interpersonal skills
  • Ability to work autonomously and with geographically dispersed team 
  • 1 year experience with Splunk Enterprise Security

Additional Knowledge & Skills
  • Scripting language (Perl, Python, Chef, etc.)
  • Linux/Windows
  • Working knowledge of IT hardware and software in the health care environment and general office productivity tools

  • 4-year degree in computer science or related field or equivalent experience

Physical Requirements
General Office Demands

Benefits & Company Statement
McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.

We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting.

But we can’t do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

Agency Statement
No agencies please.

A little about us:
McKesson is in business for better health.

Know someone who would be interested in this job? Share it with your network.