Sr. Director, Cybersecurity Systems and Tool Management
Location:
Scottsdale , Arizona
Posted:
January 27, 2017
Reference:
17000048/1-en-us

McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payors, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. We believe in the importance of strong, vital organizations because we know that patients can only be healthy when our system is healthy.


Every single McKesson employee contributes to our mission—by joining McKesson you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.


We understand the importance of a system that works together. Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Join our team of leaders to begin a rewarding career.


Wherever you contribute here at McKesson, you will have the ability to make a real impact in the lives of others.


Current Need

This position will be responsible for delivering world-class security systems and tools management.  Responsibilities include enterprise systems management of host, network, database, application and SIEM security tools.  The role will work closely with mid and senior level management across the company and outside the company to spec, build, administer/configure, and maintain critical preventive and detective security infrastructure. 

 

Success requires a candidate with strong technical security knowledge/expertise, proven service management skills, and the ability to manage supervisors of medium to large teams facing unique market challenges in talent attraction, development, and retention.

 

The team under this position will provide:

  • Design, implementation, maintenance, and overall lifecycle management of security systems and tools

  • High-availability, high-performance security prevention and detection security infrastructure leveraging both onsite and off-premise systems

The teams under this position will operate technical services (internal, partner, or outsource staffed) commonly referred to as:

  • Security systems administration

  • Enterprise systems management of cybersecurity tools

  • Management of security preventive and detective infrastructure

Position Description

McKesson has embarked on an important mission to become the leader in cybersecurity for global healthcare.  We are making significant investments to enhance our capabilities through talent development, resource levels, process maturity, and technology enablement.

 

As McKesson’s Sr. Director or VP of Cybersecurity Systems and Tool Management, you will be a key component of our team.  This position will be responsible for delivering highly available and scalable security infrastructure for a very large enterprise.  The ideal candidate has deep technical security knowledge/expertise, systems management and administration experience, proven service management skills, and the ability to manage a large team facing unique market challenges in talent attraction, development, and retention.

 

Responsibilities will include:

  • Strategic Planning – Develop and maintain a comprehensive vision and strategy of how the company defines, build, and maintains security infrastructure.

  • Program Management - Manage a large portfolio of security systems, tools, and services and the pipeline of projects/tasks to create, evolve, and change them as needed.  Various peers and partners will provide from the Information Security and Risk Management (ISRM) and Enterprise Technology Services (ETS) organizations including risk management alignment, project management, financial planning, and human resources.

  • Operations – Build and lead a team (15-20 staff) that delivers security systems and tools.

    • Host monitoring, defense, and configuration tools including antivirus, EDR, HIPS, firewall, etc.

    • Network monitoring and defense tools including IDS/IPS, packet capture, netflow, vulnerability scanning, web application firewalls, etc.

    • Database monitoring and defense tools including access monitoring, vulnerability scanning, logging/auditing, encryption management, etc.

    • Application monitoring and defense tools including vulnerability scanning, logging/auditing, etc.

    • SIEM and other security data management systems including Splunk, ELK, syslog, Win Event managers, etc.

    • You’ll be given access to a broad set of technology/tools, strong financial support, and the ability to set and drive new/improved directions as needed.

  • Collaboration, Reporting and Financial Management

    • Routinely collaborate with other stakeholders across the enterprise including security architecture, identity and access management, active defense team, application security, and security software engineering to defend our enterprise.

    • Coordinate closely with the ISRM Program Management team to provide regular metrics and reporting to measure the efficiency and effectiveness of the services, facilitate appropriate resource allocation, and increase the overall maturity of security capabilities.

    • Collaborate with other corporate functions including Internal Audit, Legal and Compliance, Privacy, and Enterprise Sourcing to ensure that the organization maintains a strong security posture.

    • Liaise with Business Information Security Officers (BISOs) for cybersecurity and IT Risk & Compliance Management program needs within business units.

    • Develop and manage a security budget and develop strategic plans to invest resources to efficiently reduce cybersecurity risk

 

Qualifications

Minimum Requirements
8+ years network systems experience including 7+ years managerial experience

 

Critical Skills

  • 8+ years cybersecurity/information security systems management experience including 4+ years leadership experience
  • Minimum of 8 years’ experience in cybersecurity services, security engineering, other IT, and/or technical risk management
  • Deep technical understanding of cybersecurity and service lifecycles including capacity planning and change management
  • Strong management skills planning, organizing, leading, and measuring service driven teams
  • Strong interpersonal and communications skills to build/ maintain ongoing business relationships
  • Experience with compliance regulations/laws, security frameworks and standards (e.g., NIST, HIPAA, ISO, COBIT, OWASP, ITIL, etc.).
  • Ability to exercise and mentor others on good professional judgment and security-related ethics

Additional Knowledge & Skills

  • Knowledge of the healthcare, distribution, or software industries is a plus
  • Experience with law enforcement, defense, or intelligence community a plus
  • OSCP, SANS/GIAC, CISSP or other similar professional certifications are a plus

Education
4-year degree in computer science or related field or equivalent experience

Certifications/Licensure
OSCP, SANS/GIAC, CISSP or other similar professional certifications are a plus

Physical Requirements
General Office Demands


Benefits & Company Statement
McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.

We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting.

But we can’t do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

Agency Statement
No agencies please.

 


A little about us:
McKesson is in business for better health.

Know someone who would be interested in this job? Share it with your network.