Sr. Director, Security Architecture
Location:
Scottsdale , Arizona
Posted:
January 27, 2017
Reference:
17000054/1-en-us

McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payors, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. We believe in the importance of strong, vital organizations because we know that patients can only be healthy when our system is healthy.


Every single McKesson employee contributes to our mission—by joining McKesson you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.


We understand the importance of a system that works together. Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Join our team of leaders to begin a rewarding career.


Wherever you contribute here at McKesson, you will have the ability to make a real impact in the lives of others.


Current Need

This position will be responsible for leading a large security architecture team that delivers security ecosystem blueprints, internal standards, end-to-end strategies to address complex challenges, general security subject matter expertise, and project-driven security solutions engineering to cross organizational efforts.

 

Success in this role requires broad general technical security knowledge/expertise, proven service management skills, cross-functional project delivery, and the ability to manage a team responsible for driving security goals across the entire company in a highly collaborative manner.

 

This position can be located in our Scottsdale, AX, Alpharetta, GA or San Francisco, CA office locations.

Position Description

McKesson has embarked on an important mission to become the leader in cybersecurity for global healthcare.  We are making significant investments to enhance our capabilities through talent development, resource levels, process maturity, and technology enablement.

 

As McKesson’s Sr. Director of Security Architecture, you will be a key component of our team.  The candidate will manage a team of 10-15 staff with the ability to flex up as needed.  He or she will have a deep background in all aspects of security architecture including infrastructure, application, cloud, and mobile. He or she will work collaboratively with the Enterprise Architecture team.  The position works with stakeholders in Infrastructure, Operations, Applications, and Data Management to ensure alignment. He or she will also help represent information security on various projects and boards.

 

Responsibilities will include:

  • Strategic Planning – Develops and maintains a comprehensive vision and strategy for security architecture to accomplish department objectives of protecting our systems and data while facilitating new and existing business models highly dependent on technology.
  • Program Management - Manage a portfolio of architecture related services including the pipeline of projects/tasks to create, evolve, and change them as needed.  Various peers and partners will provide support both within and outside the larger ISRM organization including risk management alignment, project management, financial planning, and human resources.

  • Leadership and Services  – Build and lead a team that includes:

    • Analysis, requirement development, design, and governance of the security processes and tools ecosystem

    • Security technical and project leadership for fine grained solutions including developing robust security reference architectures

    • Develop guidelines and processes to govern a centralized security capabilities and services model

    • Provide technical and/or project leadership function for assigned security projects including; the protection of information systems assets, corporate information, and intellectual property

    • Leverage existing solutions and global design to drive standardization and simplification to reduce implementation timelines and costs

    • Build consensus for and communicate security standards and policies

    • Identify critical path decisions, make recommendations, and influence program leaders / business process owners

    • Interface with internal and external contributing organizations

    • Technical advisory and subject matter expertise to internal stakeholders and partners

    • Maintain a superior knowledge of the cyber security capabilities of operating systems, networking devices, control systems, and vendor offerings

    • Understand technical issues and the implications to the business, and be able to communicate them to management and other business leaders.

    • Drive consideration of cybersecurity tools and datasets to enhance detective and preventive control sets

  • Collaboration, Reporting and Financial Management

    • Routinely collaborate with other stakeholders in security software engineering, identity and access management, security systems administration/tools management, application security, and our cybersecurity active defense group to defend our enterprise from quickly evolving threats.

    • Coordinate closely with the ISRM Program Management team to provide regular metrics and reporting to measure the efficiency and effectiveness of the services, facilitate appropriate resource allocation, and increase the overall maturity of related security capabilities.

    • Collaborate with other corporate functions including Internal Audit, Legal and Compliance, Privacy, and Enterprise Sourcing to ensure that the organization maintains a strong security posture.

    • Liaise with Business Information Security Officers (BISOs) for cybersecurity and IT Risk & Compliance Management program needs within business units.

    • Develop and manage the related budget and develop strategic plans to invest resources to efficiently reduce risk.


 

 

Qualifications

Minimum Requirements
15+ years experience in software engineering and/or software architecture

Critical Skills

  • 8+ years security architecture experience including 4+ years management experience
  • Strong management skills planning, organizing, leading, and measuring service driven teams
  • Strong interpersonal and communications skills to build/ maintain ongoing business relationships
  • Experience with compliance regulations/laws, security frameworks and standards (e.g., NIST, HIPAA, ISO, COBIT, OWASP, ITIL, etc.).
  • Ability to exercise and mentor others on good professional judgment and security-related ethics

Additional Knowledge & Skills

  • Knowledge of the healthcare, distribution, or software industries is a plus
  • Experience with law enforcement, defense, or intelligence community a plus
  • OSCP, SANS/GIAC, CISSP or other similar professional certifications are a plus

Education
4-year degree in computer science or related field or equivalent experience

Certifications/Licensure
OSCP, SANS/GIAC, CISSP or other similar professional certifications are a plus

Physical Requirements
General Office Demands


Benefits & Company Statement
McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.

We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting.

But we can’t do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

Agency Statement
No agencies please.

 


A little about us:
McKesson is in business for better health.

Know someone who would be interested in this job? Share it with your network.