Skip to main content

Lead Information Security Analyst – Security Operations Center (SOC)

Apply Job ID JR0073852 Date posted 09/12/2022

Position Summary:

We are seeking a Lead Information Security Analyst to join the McKesson Security Operations Center responsible for monitoring, detecting, triaging, and responding to security events and incidents in a 24 x 7 global environment.


  • Primary responsibilities include developing and mentoring the SOC L1 – L3 Information Security Analysts, ensuring processes are followed, updating and creating new processes as needed, setting and tracking metrics, and driving new detections/use cases from the SOC Analyst perspective.

  • Serves as an escalation point of contact for L1 , L2 and L3 Security Operations Center (SOC) analysts.

  • Work collaboratively with multiple teams as well as subject matter experts to include threat hunters, counter-threat Intelligence analysts, incident responders and forensic investigators.

  • Stay current with and remain knowledgeable about new threats. Analyze threat actor tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.

  • Utilize security models and frameworks for documenting and tracking purposes, (e.g. MITRE ATT&CK framework, Cyber Kill Chain (CKC) framework)

  • Leverage automation and orchestration solutions to automate repetitive tasks.

  • Assist with incident response as events are escalated, including triage, containment, remediation and documentation.

  • Collaborates with the owners of cyber defense tools to tune systems for optimum performance and to maximize detection and prevention effectiveness. and minimize false positives.

  • Work alongside other security team members to search for and identify security issues generated from the network, including third-party relationships.

  • Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats.

Minimum Requirements:

  • Requires 7+ years of professional work experience

  • BA/BS degree or equivalent experience

Critical Skills:

  • 5-7 years of information security monitoring experience.

  • Experience working in a 24x7 operational environment, with geographic disparity preferred.

  • Experience working with SIEM systems, Endpoint Detection and Response (EDR) solutions, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), Data Loss Prevention and other network and security monitoring tools.


  • Certifications related to security (such as Security+, GSEC, GCIH, GCIA, CISSP, NCSF, etc)

  • Certifications in Splunk

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to supportphysical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves. For more information regarding benefits at McKesson, pleaseclick here.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.

Our Base Pay Range for this position

$122,300 - $203,800

McKesson is an Equal Opportunity/Affirmative Action employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to Resumes or CVs submitted to this email box will not be accepted.

Current employees must apply through the internal career site.

Join us at McKesson!