CT - Analyst, Third Party Cyber Security
Irving, Texas, Alpharetta, Géorgie, Géorgie, Texas See Job ResponsibilitiesProfil recherché
Qu’est-ce qui définit CT - Analyst, Third Party Cyber Security couronné de succès? Voici les qualités principales de cette personne :
- Conceptualisation
- Proactivité
- Résolution de problèmes
- Stratégie
- Fine pointe de la technologie
- Pensée visuelle
Culture
Accomplissement
Mettre à profit vos aptitudes dans la résolution de problèmes pour maximiser le temps disponible de nos produits et assurer une expérience agréable à notre clientèle, tout en maintenant un équilibre travail-vie personnelle sain.
Innovation
à l’aide de nos données en évolution et de nos outils technologiques, surveiller et analyser l’information et les tendances pour définir les prochaines étapes de notre mission d’améliorer les soins de santé.
Création
Parvenir à des solutions qui contribuent à éliminer les obstacles de coût pour améliorer la distribution et maintenir l’efficacité des médicaments. Vous jouerez un rôle clé dans le façonnement d’une industrie mondiale.
Avantages sociaux
-
Une couverture sur laquelle vous pouvez compter :
- Soins médicaux, dentaires et de la vue
- Compte de frais médicaux
- Compte de frais variables
-
Des avantages sociaux qui surpassent votre salaire de base :
- 401(k) (États-Unis)
- Régime de retraite (Canada)
- Régime d’actionnariat privilégié pour le personnel
-
Soutien au bien-être global :
- Programmes de santé mentale
- Horaires de travail flexibles
- Congés payés
- Programme de mieux-être
- Remboursement des droits de scolarité
- Occasions de bénévolat
- Environnement de travail flexible
-
Un chef de file mondial de l’inclusion :
L’engagement de McKesson envers la diversité et l’inclusion commence au sommet. Nous figurons d’ailleurs à la liste des Meilleurs employeurs en matière de diversité compilée par Forbes.
Responsibility
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.
What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.
Position Overview:
A Third Party Cyber Security Analyst plays a critical role in ensuring the security of the organization’s external partnerships and integrations. Reporting to the Third-Party Cybersecurity Architect, the Analyst supports the assessment, monitoring, and mitigation of cybersecurity risks associated with third-party entities, including vendors, suppliers, and partners. This position involves day-to-day operational activities, including security assessments, compliance monitoring, and incident response coordination, to maintain a secure ecosystem around third-party interactions.
Key Responsibilities:
Third-Party Security Assessments:
Conduct initial and ongoing security assessments of third-party vendors, partners, and suppliers to identify potential cybersecurity risks.
Assist in the evaluation of third-party security controls and compliance with the organization’s security policies and industry standards.
Document findings, prepare reports, and communicate identified risks and recommended remediation actions to internal stakeholders.
Continuous Monitoring and Compliance:
Support the continuous monitoring of third-party access points and data exchanges to detect and respond to security incidents or policy violations.
Assist in tracking and enforcing third-party compliance with established security requirements and contractual obligations.
Maintain up-to-date records of third-party risk assessments, compliance statuses, and remediation activities.
Incident Response Coordination:
Participate in the identification, investigation, and management of security incidents involving third-party entities.
Work with the Third-Party Cybersecurity Architect to coordinate incident response efforts, communicate with affected third-party entities, and ensure timely resolution.
Assist in conducting root cause analysis and preparing incident reports to prevent future security breaches.
Support for Mergers & Acquisitions (M&A):
Assist in the cybersecurity due diligence process for M&A activities, focusing on identifying risks related to third-party connections and integrations.
Contribute to the development of integration plans to secure merging IT systems and data in collaboration with other cybersecurity team members.
Policy Adherence and Improvement:
Ensure adherence to established policies and procedures related to third-party cybersecurity.
Assist in the development and continuous improvement of third-party security guidelines, checklists, and processes.
Maintain awareness of emerging cybersecurity threats and trends that could impact third-party security.
Collaboration and Communication:
Collaborate with internal teams, including legal, procurement, and vendor management, to ensure security requirements are included in third-party contracts.
Communicate security expectations, guidelines, and compliance requirements to third-party entities.
Work closely with the broader cybersecurity team to integrate third-party security considerations into overall cybersecurity strategies.
Training and Awareness:
Assist in the development and delivery of training sessions on third-party cybersecurity risks and best practices for internal stakeholders.
Support initiatives to raise awareness of third-party security risks across the organization and among external partners.
Qualifications:
Bachelor’s degree (in Cybersecurity, Information Technology, Computer Science, or a related field), or equivalent work experience.
4+ years of experience in Cybersecurity, with a focus on third-party risk management, vendor management, or related areas.
Familiarity with cybersecurity frameworks, such as NIST, ISO 27001, or similar.
Basic knowledge of network security, data protection, and incident response principles.
Strong analytical, problem-solving, and communication skills.
Ability to work collaboratively in a team environment and manage multiple tasks with attention to detail.
Preferred Qualifications:
Experience with security assessment tools and methodologies.
Relevant cybersecurity certifications (e.g., CompTIA Security+, Certified Information Systems Security Professional (CISSP), Certified Third Party Risk Professional (CTPRP)).
Familiarity with regulatory requirements related to third-party cybersecurity (e.g., GDPR, CCPA, etc.).
We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.
Our Base Pay Range for this position
$92,900 - $154,800McKesson is an Equal Opportunity Employer
McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.
Join us at McKesson!