Director, ISRM - Corporate Function
Location:
Alpharetta, Georgia
Posted:
January 10, 2017
Reference:
16009539/2-en-us

McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payors, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. We believe in the importance of strong, vital organizations because we know that patients can only be healthy when our system is healthy.


Every single McKesson employee contributes to our mission—by joining McKesson you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.


We understand the importance of a system that works together. Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Join our team of leaders to begin a rewarding career.


Wherever you contribute here at McKesson, you will have the ability to make a real impact in the lives of others.


Current Need

 

McKesson is looking for a Director, ISRM for McKesson’s Corporate Functions.  The Corporate functions comprise:

      • Finance

      • Human Resources & Administration

      • Corporate Strategy & Business Development

      • General Counsel & Compliance

This position can be based at our Scottsdale, AZ; Alpharetta, GA or San Francisco, CA office.

 

Position Description

 

Accountable for the Cybersecurity and IT Risk & Compliance Management program for McKesson’s Corporate Functions

  • Work closely with the BU CIO and management team to understand their strategic priorities, concerns and key IT risks
  • Works proactively with BU leadership to ensure security, IT risk and compliance are actively built into the organization's objectives. Areas of responsibility include:

    • IT Compliance and Customer Assurance

      • Lead the programs across the Corporate Functions to evaluate and maintain compliance with Corporate policies, regulations (Sensitive Employee Information, HIPAA, PCI, etc.) and other contractual requirements

      • Support the Corporate functions in responding to customer requests

    • Risk Management including vendor (3rd party) assurance

      • Lead risk remediation efforts related to Information Security, and help monitor remediation of other key risks

      • Partner with the ISRM Director, 3rd Party Assurance for vendors supporting the Corporate functions – evaluating risks with new vendors and assessing and monitoring risks at existing vendors

    • Application/Product security

      • Work with the application teams and business leads to build security into their application lifecycle

    • BC/DR

      • Coordinate with the ISRM service continuity team to make sure there is adequate coverage for Business Continuity and Disaster Recovery Planning

    • Asset Management governance

      • Maintain an understanding of the IT environment – understanding what is supported by the Enterprise Technology & Services team, and what is directly managed by the Corporate functions

  • Works with corporate leadership to determine acceptable levels of risk and reports on variance.

  • Provides input into McKesson Cybersecurity Strategy; executes objectives and reports variance to Corporate defined priorities.

  • Provides regular metrics and reporting

  • Support Corporate Functions cybersecurity budget and planning

Qualifications

Minimum Requirements
8+ years of experience in administering security controls in an organization

Critical Skills

  • Minimum of 6+ years of experience in IT, Information Security Services, IT audit, and/or IT Risk Management
  • Knowledge of the healthcare and software industries is a plus.
  • CISA, CISSP or other similar professional designations are a plus.
  • Strong interpersonal skills to build/maintain ongoing business relationships
  • Strong Project and Time Management skills
  • Capable of anticipating needs and driving clarity on expectations.
  • Able to exercise professional judgment within defined procedures
  • Experience in Risk Assessment, audit, and IT security assessments
  • Familiar with compliance regulations, IT, security frameworks and standards

Additional Knowledge & Skills

  • Knowledge of the healthcare and software industries is a plus.
  • CISA, CISSP or other similar professional designations are a plus

Education
4-year degree in computer science or related field or equivalent experience

Certifications/Licensure


Physical Requirements
General Office Demands


Benefits & Company Statement
McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.

We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting.

But we can’t do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

Agency Statement
No agencies please.

A little about us:
McKesson is in business for better health.
