SonicJobs Logo
Left arrow iconBack to search
  1. Home
  2. Irving
  3. Corporate risk manager
  4. Global Lead Insider Threat Analyst

Global Lead Insider Threat Analyst

MCKESSON
Posted a day ago, valid for a year
Location

Irving, TX 75017, US

Salary

$120,000 - $144,000 per annum

info
Contract type

Full Time

By applying, a McKesson account will be created for you. McKesson's Privacy Policy will apply.

Sonic Summary

info
  • McKesson, a Fortune 10 company in healthcare, seeks an experienced information security practitioner to lead their Insider Threat Program.
  • The ideal candidate should have at least 7 years of relevant experience, including 3 years with security issues and 1 year specifically with Insider Threat Programs.
  • Key responsibilities include developing strategies to prevent insider threats, monitoring policies, and collaborating with various teams to enhance the program.
  • The position offers a competitive salary range of $139,000 to $231,600, with additional compensation opportunities based on performance and experience.
  • McKesson values diversity and inclusivity in its hiring practices and is committed to providing equal employment opportunities.

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Position Description  

 

The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations. The candidate will have a demonstrated comprehension of insider threat planning, identification and components of an insider threat program, insider threat team development, strategies for effective communication of the program, and effective implementation and operation of the program within the organization. 

 

Key Responsibilities: 

 

  • Lead and collaborate on implementation of the Insider Threat Program. 

  • Recommend strategies to prevent potential insider threat behavior or incidents. 

  • Monitor existing policies and suggest modifications to enhance the capabilities of the InsiderThreat Program. 

  • Collaborates with law enforcement (through the Incident Response team), industry experts, internal, and external peers to enhance the Insider Threat Program behavioral models and  detection techniques. 

  • Create roadmaps for the ongoing improvement of the Insider Threat Program. 

  • Responsible for daily operations and execution of the Insider Threat Program. 

  • Develop a training curriculum for members of the Insider Threat Program team. 

  • Develop and collaborate on training and awareness for McKesson employees and outside service workers (OSW). 

  • Develop and perform processes for the Insider Threat Team Program, including which types  of alerts to evaluate reporting, response and remediation steps in collaboration with key  Stakeholders. 

  • Conduct analytical and critical thinking; understand problem set, review facts, make accurate observations and judgments and provide recommendations/reporting. 

 

Technical Skills 

  • Provide advice and expert guidance on security issues affecting business process andprocedures exploitable by insiders (both accidental and malicious actions)  

  • Provide input to the Insider Threat Program based on known and unknown threats. 

  • Build and implement processes and technologies to detect high-risk insider activities that areaccidental or malicious in nature. 

  • Design reporting mechanisms for potential or actual insider threats. 

  • Create and implement constructs/threat detection use cases for early warning detection of potential insider threats. 

  • Test existing behavioral constructs for applicability and effectiveness. 

  • Evaluate technologies to enhance detection capabilities of behavioral constructs. 

  • Coordinate and collaborate with the SOC, HR, Legal, Help Desk, IT, CTI, DLP, and Corporate PhysicalSecurity Risk teams and Business Units (BUs) to remediate/mitigate identified risks. 

  • Review existing technology capabilities and limitations and build business case forrecommended new technology capabilities. 

  • Conduct ongoing research of cyber insider threat. 

  • Provide specialized intelligence and threat analysis and production support. 

 

Communication skills 

  • Develop information and technical support documents, summaries, reports, presentations, and other products. 

  • Present briefings to personnel/key stakeholders 

  • Write clear, concise and timely intelligence products that identify, analyze, and collate disparate pieces of information 

  • Develop baseline of normal Network Device Behaviors; Implement User Behavior Analytics  tool 

  • Conduct risk assessments (on a regular basis), including risks to trade secrets, salary data, proposal data, proprietary data, strategic plans, Personally Identifiable Information (PII), and IT systems and servers, etc. 

  • Ensure access and logging to identified critical assets 

  • Monitor and Respond to Suspicious or Disruptive Behavior 

 

Minimum Requirements 

7+ years relevant experience 

 

Critical Skills 

  • 3+ years’ experience with security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact Information Security 

  • 1+ years’ experience with Insider Threat Program; and Information Security and network best practices 

  • 4+ years’ experience providing advice and expert guidance on security issues affecting business process and procedures exploitable by insiders (both accidental and malicious actions) 

 

Additional Knowledge and Skills 

  • Strong verbal and written communication skills  

  • Ability and willingness to share on-call responsibilities, work non-standard hours, and travel (up to 20%) when required. 

  • Project management experience 

  • Working knowledge in principals of network and endpoint security, current threat and attacktrends, and security principals. 

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

$139,000 - $231,600

McKesson is an Equal Opportunity Employer

 

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

 

Join us at McKesson!

Apply now in a few quick clicks

By applying, a McKesson account will be created for you. McKesson's Privacy Policy will apply.

Logo
SonicJobs
Your next career move. Sorted.
Search jobsbackground image

Contact us

© 2017 - 2024 SonicJobs App Ltd. All rights reserved

Terms & Conditions | Privacy Policy | AI Agent | Browse Jobs