McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Position Description  

The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations. The candidate will have a demonstrated comprehension of insider threat planning, identification and components of an insider threat program, insider threat team development, strategies for effective communication of the program, and effective implementation and operation of the program within the organization. 

Key Responsibilities: 

Lead and collaborate on implementation of the Insider Threat Program. 

Recommend strategies to prevent potential insider threat behavior or incidents. 

Monitor existing policies and suggest modifications to enhance the capabilities of the Insider Threat Program. 

Collaborates with law enforcement (through the Incident Response team), industry experts, internal, and external peers to enhance the Insider Threat Program behavioral models and  detection techniques. 

Create roadmaps for the ongoing improvement of the Insider Threat Program. 

Responsible for daily operations and execution of the Insider Threat Program. 

Develop a training curriculum for members of the Insider Threat Program team. 

Develop and collaborate on training and awareness for McKesson employees and outside service workers (OSW). 

Develop and perform processes for the Insider Threat Team Program, including which types  of alerts to evaluate reporting, response and remediation steps in collaboration with key  Stakeholders. 

Conduct analytical and critical thinking; understand problem set, review facts, make accurate observations and judgments and provide recommendations/reporting. 

Technical Skills 

Provide advice and expert guidance on security issues affecting business process and procedures exploitable by insiders (both accidental and malicious actions)  

Provide input to the Insider Threat Program based on known and unknown threats. 

Build and implement processes and technologies to detect high-risk insider activities that are accidental or malicious in nature. 

Design reporting mechanisms for potential or actual insider threats. 

Create and implement constructs/threat detection use cases for early warning detection of potential insider threats. 

Test existing behavioral constructs for applicability and effectiveness. 

Evaluate technologies to enhance detection capabilities of behavioral constructs. 

Coordinate and collaborate with the SOC, HR, Legal, Help Desk, IT, CTI, DLP, and Corporate Physical Security Risk teams and Business Units (BUs) to remediate/mitigate identified risks. 

Review existing technology capabilities and limitations and build business case for recommended new technology capabilities. 

Conduct ongoing research of cyber insider threat. 

Provide specialized intelligence and threat analysis and production support. 

Communication skills 

Develop information and technical support documents, summaries, reports, presentations, and other products. 

Present briefings to personnel/key stakeholders 

Write clear, concise and timely intelligence products that identify, analyze, and collate disparate pieces of information 

Develop baseline of normal Network Device Behaviors; Implement User Behavior Analytics  tool 

Conduct risk assessments (on a regular basis), including risks to trade secrets, salary data, proposal data, proprietary data, strategic plans, Personally Identifiable Information (PII), and IT systems and servers, etc. 

Ensure access and logging to identified critical assets 

Monitor and Respond to Suspicious or Disruptive Behavior 

Minimum Requirements 

7+ years relevant experience 

Critical Skills 

3+ years’ experience with security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact Information Security 

1+ years’ experience with Insider Threat Program; and Information Security and network best practices 

4+ years’ experience providing advice and expert guidance on security issues affecting business process and procedures exploitable by insiders (both accidental and malicious actions) 

Additional Knowledge and Skills 

Strong verbal and written communication skills  

Ability and willingness to share on-call responsibilities, work non-standard hours, and travel (up to 20%) when required. 

Project management experience 

Working knowledge in principals of network and endpoint security, current threat and attack trends, and security principals. 

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!