Tomorrow’s health is… Tackling challenges no one else can.

Role/Responsibilities:

Contract Performance & Governance 

• Collaborate with the McKesson Technology Vendor Management function to provide consistent governance over third-party staffing or MSSP service providers, including monitoring Suppliers’ compliance with contract terms and conditions, routine attestations and reports and critical deliverables supporting the Cybersecurity teams.

• Manage security benchmarking activities to monitor Suppliers’ performance against industry standards.

• Govern defined SLA commitments and other financial/operational metrics across Cybersecurity.  

• Lead Cybersecurity third-party staffing or MSSP supplier governance activities.

• Prepare regular reports and maintain accurate records of contracts, issues, and any associated activities related to key agreements. 

Issue Resolution 

• Leads effort to manage and resolve issues between internal teams and external Suppliers.

• Facilitate timely problem resolution of service or contractual issues to minimize impact of cybersecurity service disruptions.

Vendor Selection & New Requirements  

• Provide Cybersecurity requirements to potential vendors and assists Sourcing and the MT Vendor Management Office in the negotiation for all amendments, new services and any other changes requiring contractual resolution. 

• Ensure statements of work or contract amendments are developed to meet business needs, working in partnership with Cybersecurity management and third-party vendors. 

• Partner with Sourcing to lead vendor selection activities as needed.

Compliance and Quality Control 

• Validates Suppliers’ compliance with industry standard audit reports (e.g., SOC2).

• Ensure that appropriate audit controls are in place for Suppliers’ processes and invoices.

• Ensure suppliers comply with business compliance requirements.

Financial Management 

• Lead efforts with Cybersecurity leaders to develop new business cases where third-party staffing and services are involved; conduct periodic reviews to ensure commercial arrangement continues to yield value. 

• Evaluate proposed statements of work value and recommend changes.

• Track cybersecurity contractors, maintain financial forecast and communicate changes as needed.

• Ensure required company’s commercial contracting processes are followed, including aligning to business approvals.

• Work with cybersecurity Leaders to identify and implement continuous improvement activities related to those services provided by third-parties, including the reduction of costs and improvement of SLAs.

Service Transition and Improvements 

• Lead Cybersecurity service transition and transformation activities pertaining to strategic supplier strategies; will include oversight to ensure the development of SOPs, runbooks, etc. across multiple security service areas to support third-party execution of services.

Qualifications:

• 10+ years of relevant experience.

• Bachelor’s degree or equivalent experience.

PREFERRED SKILLS AND EXPERIENCE

• Excellent communication and customer-facing skills.

• Strong financial acumen and supplier contract management experience.

• Strategic to tactical decision-making.

• Experience in dealing with third-party-provided services.

• Operational ability in a diverse, large-scale environment.

• In-depth knowledge of escalation procedures, incident management, and service delivery.