Skip to main content
Parcourir les offres d'emploi

Offres d'emploi sauvegardées
Alt Text

La santé de demain commence par… Relever les défis que personne d’autre ne peut surmonter.

Senior Manager, Information Security (Offensive Security Testing/Red Team)

Cork, Irlande See Job Responsibilities
Apply

Profil recherché

Qu’est-ce qui définit Senior Manager, Information Security (Offensive Security Testing/Red Team) couronné de succès? Voici les qualités principales de cette personne :

  • Conceptualisation
  • Proactivité
  • Résolution de problèmes
  • Stratégie
  • Fine pointe de la technologie
  • Pensée visuelle

Culture

Accomplissement

Mettre à profit vos aptitudes dans la résolution de problèmes pour maximiser le temps disponible de nos produits et assurer une expérience agréable à notre clientèle, tout en maintenant un équilibre travail-vie personnelle sain.

Innovation

à l’aide de nos données en évolution et de nos outils technologiques, surveiller et analyser l’information et les tendances pour définir les prochaines étapes de notre mission d’améliorer les soins de santé.

Création

Parvenir à des solutions qui contribuent à éliminer les obstacles de coût pour améliorer la distribution et maintenir l’efficacité des médicaments. Vous jouerez un rôle clé dans le façonnement d’une industrie mondiale.

Avantages sociaux

  • Une couverture sur laquelle vous pouvez compter :

    • Soins médicaux, dentaires et de la vue
    • Compte de frais médicaux
    • Compte de frais variables
  • Des avantages sociaux qui surpassent votre salaire de base :

    • 401(k) (États-Unis)
    • Régime de retraite (Canada)
    • Régime d’actionnariat privilégié pour le personnel
  • Soutien au bien-être global :

    • Programmes de santé mentale
    • Horaires de travail flexibles
    • Congés payés
    • Programme de mieux-être
    • Remboursement des droits de scolarité
    • Occasions de bénévolat
    • Environnement de travail flexible
  • Un chef de file mondial de l’inclusion :

    L’engagement de McKesson envers la diversité et l’inclusion commence au sommet. Nous figurons d’ailleurs à la liste des Meilleurs employeurs en matière de diversité compilée par Forbes.

Responsibility

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

McKesson is looking to hire a Senior Manager, Information Security, Offensive Security Testing/Red Team to help support McKesson's information security capabilities and compliance across Business units and Enterprise IT organizations within McKesson. As a Senior Manager, you will be a key member of our Cybersecurity team.  The ideal candidate will have a deep understanding of offensive security techniques, a strong background in cybersecurity, and the ability to manage and mentor a team of security professionals. This role is critical in identifying and mitigating potential security threats to our organization. He or she will also help represent the Cybersecurity team on various projects and boards. The Senior Manager works with the Sr. Director, Information Security and plays a critical role in safeguarding the organization’s information and systems by overseeing the planning, execution, and reporting of Red Team engagements, including penetration testing, vulnerability assessments, and simulated cyber-attacks.

Key Responsibilities:

  • Lead Red Team Operations: Oversee the planning, execution, and reporting of Red Team engagements, including penetration testing, vulnerability assessments, and simulated cyber-attacks.

  • Develop Strategies and Methodologies: Create and implement comprehensive Red Team strategies and methodologies to effectively test and improve the organization’s security posture.

  • Risk Identification and Prioritization: Collaborate with other security teams to identify, assess, and prioritize security risks and vulnerabilities across the organization.

  • Reporting and Communication: Provide detailed reports and presentations on Red Team findings, including actionable recommendations for remediation, to both technical and non-technical stakeholders.

  • Continuous Improvement: Stay current with the latest security threats, trends, and technologies to continuously improve Red Team tactics, techniques, and procedures.

  • Team Management: Mentor and train team members to enhance their skills and knowledge, fostering a culture of continuous learning and professional development.

  • Coordination with External Partners: Work with external partners and vendors to conduct specialized testing and assessments, ensuring comprehensive security evaluations.

  • Compliance and Standards: Ensure all Red Team activities comply with industry standards, regulations, and best practices, such as MITRE ATT&CK, NIST, and ISO 27001.

  • Incident Response Support: Assist the incident response team during security incidents by providing insights and expertise from Red Team activities.

  • Tool Development and Maintenance: Develop, maintain, and enhance Red Team tools, scripts, and frameworks to support advanced testing and assessments.

  • Stakeholder Engagement: Engage with various stakeholders across the organization to promote security awareness and advocate for the implementation of security best practices.

  • Budget Management: Manage the Red Team budget, including resource allocation, tool procurement, and training expenses.

Key Results:

  • Enhanced Security Posture: Achieve a measurable improvement in the organization’s security posture through effective Red Team engagements and remediation efforts.

  • Risk Reduction: Successfully identify and mitigate critical security vulnerabilities, reducing the overall risk to the organization.

  • Team Development: Foster a high-performing Red Team with increased skills and knowledge, demonstrated by successful engagements and professional growth.

  • Compliance Achievement: Ensure all Red Team activities meet or exceed industry standards and regulatory requirements, contributing to the organization’s compliance goals.

  • Incident Response Efficiency: Provide valuable insights and support during security incidents, leading to faster and more effective incident resolution.

  • Stakeholder Satisfaction: Maintain high levels of satisfaction among stakeholders through clear communication, actionable recommendations, and demonstrated improvements in security.

Qualifications:

  • Bachelor’s degree (in Computer Science, Information Security, or a related field), or equivalent work experience. Advanced degree preferred.

  • 7+ years of experience in cybersecurity, with at least 3 years of experience in a Red Team or offensive security role.

  • Strong knowledge of penetration testing tools and techniques.

  • Proficiency in using security tools and technologies, including but not limited to:

  • Metasploit, Safebreach, Burp Suite, Nmap, Cobalt Strike, BloodHound, Empire, PurpleSharp, AttackIQ, MITRE Caldera, Wireshark, Kali Linux, Vulnerability Management Tools, Rapid7, Tenable, Qualys, OWASP security scanners

  • Experience in internal testing and staging of Red Team tests.

  • Proven experience in collaborating with Blue and Purple Teams.

  • Experience with scripting and programming languages such as Python, PowerShell, or Bash.

  • Excellent problem-solving skills and attention to detail.

  • Strong leadership and team management abilities.

  • Relevant certifications such as OSCP, OSCE, CISSP, or CEH are highly desirable.

  • Excellent communication and presentation skills.

  • Experience with threat modeling and risk assessment methodologies.

  • Knowledge of security frameworks such as MITRE ATT&CK, NIST, and ISO 27001.

  • Familiarity with cloud security and DevSecOps practices.

  • Ability to work in a fast-paced and dynamic environment.

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to supportphysical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.

Our Base Pay Range for this position