Business Information Security Lead – CorporateIrving, Texas Job ID JR0089965 Category Information Security Post Date May. 22, 2023
The BISL will assist in providing recommendations and support for business/application specific risk assessments to include HIPAA, NIS, HIRUST, etc. and internal security practices, policies, and standards. The ISL will also lead/assist sub-BUs and Functional BU Divisions in the engagement to plan, educate, facilitate, and remediate security initiatives/projects across their assigned Business Unit(s) (BU) within McKesson. Additionally, this position will require collaboration and coordination with the BU Business Engagement Leaders (BELs) and ISRM security service towers/delivery leader and internal business clients.
Manage personnel directly/in a matrixed environment
ISRM Governance & Risk management compliance program
Define goals, progress towards those goals, timelines, planned activities, and issue remediation planning (annual planning, HIPAA, NIST 800-53/800-53A) related activities like control testing, etc.)
Consult and advise on business level security health, risks/issues, provides updates to BISO
Manage progress tracking communications with the business application owners
Manage progress tracking and remediation (BU BISO and BELs)
ISRM Policies and Standards:
Comment and review ISRM policies and procedures to identify required ISRM exceptions per BU
Facilitate in and foster ISRM activities for new application and system development
Full review of compliance/exceptions to policies with CIO and BISO (annual review)
Partner with BU Internal Audit (IA) and other similar, internal groups
Additional Knowledge & Skills:
Implement and demonstrate experience with cybersecurity best practices, security, and risk frameworks (i.e., NIST, HITRUST, FDA, ISO 27000, etc.).
Ability to think strategically, work with a sense of urgency and attention to detail
Ability to develop and follow detailed process and procedure documentation
Ability to present and solve complex solutions and methods to non-technical people
Must possess detailed planning and organizational skills
Experience managing client expectations and working with clients to minimize their risk exposure
Must establish compliance with all external governing bodies and internal ISRM policies, standards, and SOPs
Must work as part of a team or individual contributor and be able to manage complex relationships with all stake- holders
Must be well organized, a strong communicator, detail oriented, demonstrate good judgment, be confident working independently
Must have excellent verbal and written communication skills and the ability to interact professionally with a diverse group including, executives, managers, and subject matter experts
5-7+ years of relevant experience
Bachelor’s degree (in related field) or equivalent experience
Industry cybersecurity certification(s) (e.g. CISM, PMP, CCISO, Security+, etc.) a plus
At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to supportphysical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves. For more information regarding benefits at McKesson, pleaseclick here.
As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.
Our Base Pay Range for this position$130,700 - $217,900
McKesson is an Equal Opportunity/Affirmative Action employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.
McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to Disability_Accommodation@McKesson.com. Resumes or CVs submitted to this email box will not be accepted.
Current employees must apply through the internal career site.
Join us at McKesson!
How we work and live plays a big role in building a healthier world. View our wide range of health benefits, financial benefits, wellness programs, and flexible working schedules.
Ready for the next step? We’ll guide you along the journey of our hiring process.
Culture and Values
Advancing health outcomes for all — this is the foundation of how we interact with customers, business partners, and each other. Meet the team and learn more about our mission.
Diversity, Equity & Inclusion
Our culture is built around diverse perspectives because everyone’s unique story, experiences, and ideas are valued here.
- Warehouse Worker - Full Time Shifts Aurora, Colorado 04/21/2023
- Associé Principal, Gestion de l'Approvisionnement Saint-Laurent, Canada 06/09/2023
- Senior Director, Business Information Security Officer (BISO) Irving, Texas 06/09/2023
- Specialist, Global Security Mississauga, Canada 05/26/2023
- Conseiller(ère), Gestion des congés / Bilingual Advisor, Leaves Management Saint-Laurent, Canada 05/10/2023
You haven't viewed any jobs yet.View available opportunities
You haven't saved any jobs yet.View available opportunities