Live chat
McKesson Corporation

RxTS Information Security Analyst

McKesson Corporation - Atlanta, GA

RxTS Information Security Analyst','18001742','!*!McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. At McKesson Pharmacy Systems & Automation, our Pharmacy Management Systems offer customer solutions through three technology systems: EnterpriseRx, PharmacyRx and Pharmaserv. We automate, streamline and centralize systems that conveniently convert data into information and services that help to provide better care, better business and better results.

Every single McKesson employee contributes to our mission—by joining McKesson Pharmacy Systems & Automationyou act as a catalyst in a chain of events that helps millions of people all over the globe. We understand the importance of a system that works together. You’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare.  Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Working here is your opportunity to shape an industry that’s vital to us all.

Join our team of leaders to begin a rewarding career.

Current Need

We are recruiting for a RxTS Information Security Analyst to join our ISRM team.  This position can be located in Atlanta, GA; Moon Township, PA; or Livonia, MI.

Position Description

The Information Security Risk Management (ISRM) organization is responsible for building and promoting an enterprise wide IT Governance and Risk Program.  The objective of this program is to identify potential risks, consult on possible solutions, and assist in determining the best balance of risk vs. business benefit to adequately protect critical IT assets (data, applications, and infrastructure).  The Business Information Security Officer is responsible for fulfilling the objectives of this program at business units throughout McKesson.  The scope of this program includes but is not limited to the following categories:

IT Governance

Emerging Technology

IT Asset Management

Sourcing

Application Management

Global IT

IT Resilience & Continuity

Project Management

Security & Privacy, and

IT Compliance

 Responsibilities:

Support the BISO for Rx Technology Solutions (RxTS) in developing and promoting the ISRM Program as priorities dictate.

Provide gap analysis between security policies/standards/regulations and practices, processes, and solutions; recommend actions to BISO.

Assist BISO in establishing, documenting, and managing processes and supporting tools used to accomplish IT compliance with regulatory and best practice security and compliance frameworks (e.g. SSAE 18, HIPAA-HITECH, PCI PA-DSS & PCI-DSS, HITRUST, ISO 27001, SOX, etc.)

Work with business and IT owners to establish priorities for process improvements to mitigate risk.

Analyze the company’s data protection needs and ensure secure solutions and process improvements are implemented.

Execute problem determination and resolution for security related problems

Help BISO coordinate with Business Units and Corporate functions in the event of incidents or breaches.

Train and assist security administration functions when necessary.

Interact with other IT Staff / Business Leads in meetings to assist with understanding security issues and discuss solutions.

Help with records management and metrics reporting regarding security and compliance data using the Archer Governance Risk & Compliance (GRC) and other tools as appropriate.

Assist with Disaster Recovery documentation and ensure associated processes meet business requirements.

Assist with Threat & Vulnerability Management process and tools.

Prepare automated and ad hoc reports and/or interpret data from various security tools and sources.

Assist with application data inventory, mapping, and development of data flow process documentation.

Support BISO in responding to 3rd party requests and monitoring critical vendors.

Support training and awareness efforts in the business units.

Monitor and provide project management support for business unit.

Implement security technology and remediation measures.

Monitor and or administer appropriate access and policies for security systems.

Consult and apply applicable encryption methods.','!*!Minimum Requirements6 years experience in administering security controls in an organization

Critical Skills

5 years in Information Security or Compliance related services, IT audit, Internal Audit and/or Risk Management Experience

Understanding of HIPAA-HITECH, PCI, HITRUST, ISO 27001, SOX, etc.

Knowledge of security controls for SaaS, PaaS, and IaaS cloud models within MS Azure, Amazon Web Services, etc.

Understanding of security controls for Windows servers / workstations, Unix, Linux; Oracle. 

Familiarity with security protection methods relating to systems and network Access, Vulnerabilities, SIEM logging/monitoring, Data Protection, etc.

Strong interpersonal skills to build / maintain ongoing business relationships.

Able to handle moderate to complex resolution without escalation and with minimal supervision.

Able to exercise professional judgment within defined procedures.

Experience in Risk Assessment, audit, and IT security assessments.

Familiar with healthcare and financial compliance regulations and IT and security frameworks and standards.

Additional Knowledge & Skills

Knowledge of the healthcare and software industries is a plus.Education4-year degree in computer science or related field or equivalent experiencePhysical RequirementsGeneral Office DemandsBenefits & Company StatementWe believe you should be rewarded for the important work you do. For that reason, you'll receive a competitive compensation and benefits package when you join our team.It starts with you. That's a simple sentence but it says a lot. It reminds each one of us that what we do matters. Every single McKesson employee contributes to our mission - whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. By connecting and improving the business of healthcare, we're helping to ensure that millions of patients get the treatment they need. And by choosing a career with McKesson Pharmacy Systems & Automation, you'll join a team of passionate people working together to improve lives and advance healthcare.At McKesson, we believe we can empower healthcare. And it all starts with you.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.McKesson is an equal opportunity and affirmative action employer - minorities/females/veterans/persons with disabilities.Agency StatementNo agencies please.','United States-Georgia-Atlanta','United States-Pennsylvania-Moon Township, United States-Michigan-Livonia','','','','','Technology','McKesson Corporate','Regular','Standard','','Full-time','Day Job','','Jun 26, 2018','RxTS Information Security Analyst

86 days 8 hours ago

McKesson Corporation

apply

RxTS Information Security Analyst McKesson Corporation - Atlanta, GA, United States

   

Location: Atlanta, GA

Company Profile:
McKesson is in business for better health. As a company working with health care stakeholders in every setting, we are charting the course toward a stronger, more sustainable future for the entire industry.