Job Description
McKesson is an impact-driven, Fortune 10 company that touches virtually every
aspect of healthcare. We are known for delivering insights, products, and
services that make quality care more accessible and affordable. Here, we focus
on the health, happiness, and well-being of you and those we serve – we care.
What you do at McKesson matters. We foster a culture where you can grow, make
an impact, and are empowered to bring new ideas. Together, we thrive as we
shape the future of health for patients, our communities, and our people. If
you want to be part of tomorrow’s health today, we want to hear from you.
McKesson’s Senior Security Event Analyst will be a member or our Cyber
Investigations & Response Team responsible for monitoring, detecting,
triaging, and responding to security events and incidents in a 24 x 7 global
environment. Your mission is to timely detect and respond to security event
and possible security incidents from enterprise networks. To execute this
mission, you will use data analysis, threat intelligence, and cutting-edge
security technologies.
** _Responsibilities_** :
- Primary responsibilities include developing and mentoring the SOC L1L2 Information Security Analysts, ensuring processes are followed, updating and creating new processes as needed, setting and tracking metrics, and driving new detectionsuse cases from the SOC Analyst perspective.
- Serves as an escalation point of contact for L1 and L2 Security Operations Center (SOC) analysts.
- Work collaboratively with multiple teams as well as subject matter experts to include threat hunters, counter-threat Intelligence analysts, incident responders and forensic investigators.
- Stay current with and remain knowledgeable about new threats. Analyze threat actor tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
- Utilize security models and frameworks for documenting and tracking purposes, (e.g. MITRE ATT&CK; framework, Cyber Kill Chain (CKC) framework).
- Leverage automation and orchestration solutions to automate repetitive tasks.
- Assist with incident response as events are escalated, including triage, remediation and documentation.
- Collaborates with the owners of cyber defense tools to tune systems for optimum performance and to maximize detection and prevention effectiveness. and minimize false positives.
- Work alongside other security team members to search for and identify security issues generated from the network, including third-party relationships.
- Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats.
** _Qualifications_** :
- 7+ years of relevant cyber security experience in Threat Hunting, IT Security, Incident Response or network security with strong knowledge working in a Security Operations Center, Incident Response team, or Threat Hunting team.
- Experience working in a 24x7 operational environment, with geographic disparity preferred.
- Experience driving measurable improvement in monitoring and response capabilities at scale.
- Experience working with SIEM systems, Endpoint Detection and Response (EDR) solutions, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDSIPS), Data Loss Prevention and other network and security monitoring tools.
- Strong analytical and investigation skills.
- Excellent written and oral communication skills with the ability to effectively communicate with information technology professionals as well as senior management and auditors, assessors, and consultants.
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
- *_Preferred Technical and Professional Expertise_** :
- One or more of the Cyber Security related certifications such as Security+, CySA+, CASP+, Pentest+, CEH, GSEC, GCIH, GCIA, CISSP, etc.
- Bachelor’s degree in a technical field such as Computer Science, Information Security, Information Technology, Computer Engineering, or Information Systems. or equivalent degree is preferred.
- Working knowledgeexperience with network systems, security principles, applications and risk and compliance initiatives such as Health Information Portability and Accountability Ace (HIPAA), HITRUST, Sarbanes-Oxley Act (SOX) and the General Data Protection Regulation (GDPR).
- Experience and knowledge of packet flow, TCPUDP traffic, firewall technologies, IDS technologies, proxy technologies, and antivirus, spam and spyware solutions.
- Experience with one or more scripting languages (e.g., Python, JavaScript, Perl).
We are proud to offer a competitive compensation package at McKesson as part
of our Total Rewards. This is determined by several factors, including
performance, experience and skills, equity, regular job market evaluations,
and geographical markets. The pay range shown below is aligned with McKessons
pay philosophy, and pay will always be compliant with any applicable
regulations. In addition to base pay, other compensation, such as an annual
bonus or long-term incentive opportunities may be offered. For more
information regarding benefits at McKesson, please [click
here.](
**Our Base Pay Range for this position**
$116,700 - $194,500
**McKesson is an Equal Opportunity Employer**
McKesson provides equal employment opportunities to applicants and employees
and is committed to a diverse and inclusive environment without regard to
race, color, religion, sex, sexual orientation, gender identity, national
origin, protected veteran status, disability, age or genetic information. For
additional information on McKesson’s full Equal Employment Opportunity
policies, visit our [Equal Employment
Opportunity]( page.
**Join us at McKesson!**
Job Tags
Full time,