McKesson Senior Analyst - Red Team in Alpharetta, Georgia

Empowering healthcare starts with you. At McKesson, whether you work in HR or Marketing, Finance or Public Affairs, you're making a difference. You'll spark a chain reaction that results in millions of people getting more from their healthcare.

As the nation's leading healthcare services company, we touch virtually every aspect of healthcare. We empower our customers by delivering vital supplies and solutions. And we empower our employees through a supportive environment where opportunity and responsibility grow. Our exceptional leadership team provides the vision and strategy to advance healthcare, so you can feel confident in our direction and your future. At McKesson, we believe we can empower healthcare. And it all starts with you.

We are currently seeking a candidate to assume the role of Senior Analyst/Team Lead of a newly established Red Team. The candidate will join our Enterprise Software & IT Systems Assurance team in the Windward office, McKesson Hub, Alpharetta, Georgia 30005.

To accomplish this role satisfactorily, the Red Team member will:

  • Deliver/Execute prescriptive guidance and/or determine root cause analysis of successful security attacks

  • Help implement plans that execute attacks

  • Detect and mitigate attacks against company technology assets and challenge the effectiveness of security defenses

  • Perform analysis of systems and process gaps

  • Test the effectiveness of McKesson's security controls

  • Help guide correctives and remediation priorities based on the results of successful attacks

Position Description:

The candidate must have a comprehensive understanding of Red Team operations to assume the leadership role required to plan, execute, report, and evolve Red Team structured activities.

The successful candidate will represent a contrarian perspective of security strategies, controls and defenses and help operationalize and maintain a Red Team model that represents a continuous, clear and present danger to technology and information security controls and practices. This person will assess and routinely adopt the tools and techniques of actual adversaries, leverage the understanding of attacks on other organizations, mimic the work of adversaries that the Blue Team blocked, and implement an operational lifecycle of attack, measure, learn and repeat.

As a member of the Enterprise Systems and IT Systems Assurance group, the Red Team Analyst conducts security attacks on internally or externally hosted applications and infrastructure on a global scale with an emphasis on critical functions and processes targeted by adversaries. The analyst hunts for weaknesses and vulnerabilities that could lead to a breach of confidentiality, integrity or availability. The analyst collaborates with security members, senior business, technology and security leaders and his/her peer group in the Information Security and Risk Management and Enterprise Technology and Services functions.

The Red Team is a specialized process-driven function to help realize continuous security assurance improvements through awareness and exposure of critical weaknesses in end-to-end business operations. The Red Team analyst shall customize and implement techniques that probe and circumvent IT controls to successfully demonstrate a compromise and/or how acts of deliberate disruption can cause adverse / unspecified financial loss, or bring about appreciable negative impact to McKesson and its customers.

For McKesson's Information Security Risk Management (ISRM) organization, the Red Team’s activities are composed of confidential projects that are fashioned to accomplish security attacks for any business operation or grouping of business operations. There will be significant pre-work, and scope negotiated up front. Red Team activities are not and shall not be a free-form, "turn a group of security experts loose" approach. There will be considerable thought given to what is of greatest value to McKesson to learn, and to minimizing speculation about where best to deploy investments that evolve detection and response capabilities, assurance and protection processes and ongoing people training.

The purpose of the Red Team is to routinely and randomly test McKesson's defenses, the readiness of IT security, technology and business personnel at-large to appropriately respond to scenarios that can cause a complete or partial disruption of business services, and systems that enable correct authorization of credentialed operations, transactions and information exchanges. As a component of a broader cyber security, risk, assurance framework, the Red Team leader is accountable and responsible for planning and socializing up front security attack events, but only with his/her immediate manager, corporate legal and McKesson's corporate CIO and CISO. Such discussions will cover ground rules and expectations, but never the details of any planning involved to execute a security attack.

Minimum Requirements:

3 years information security experience and demonstrated leadership skills

Critical Skills:

  • Excellent oral/written communications to effectively communicate activities and findings in a business assurance and risk context

  • Demonstrate strong technical understanding and knowledge of mainstream technologies comprised in large enterprise and commercial IT provider environments that house commercial and customized ERP, Supply Chain, Financial/HR, Sales / Marketing operations, Cloud solutions and Big data infrastructure services for enterprises; complex authentication and access control services for multi-tenant business systems;

  • Demonstrate broad knowledge of MS Windows, Unix-based and mid-range platform systems used to deliver commercial enterprise applications

  • Excellent working knowledge of industry standards and guidance such as SEI/CMU, SAFECODE; NIST MITRE - Common Weakness Risk Framework, and Vulnerability Enumeration Trends; ISO/IEC 27034, CERT - Secure Coding Standards, OWASP Secure Coding Practices

  • Threat Modeling and tools (e.g. Microsoft SDL, STRIDE, PASTA, etc)

  • Software development, penetration testing and social engineering experience

  • High proficiency with MS Office productivity applications and common scripting languages

Additional Knowledge & Skills:

  • Synopsys, Rapid7, Veracode, HP Fortify, Checkmarx, IBM AppScan, and HP WebInspect Analysis solutions

  • HP Quality Center, Jira, Team Foundation Services software development lifecycle tools

  • Application lifecycle management capabilities

  • IT Systems: SharePoint Administration; MS SQL & IIS Administration, and MySQL

Education:

4-year degree in computer science or related field or equivalent experience

Certifications/Licensure:

Any of the following: CSSLP, GSSP-.NET; GSSA-JAVA; GWEB, GWAPT

Physical Requirements:

General Office Demands

Benefits & Company Statement:

McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.

We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting.

But we can’t do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

Agency Statement

No agencies please.

Job: Systems Management

Organization: McKesson Corporate

Title: Senior Analyst - Red Team

Location: Georgia-Alpharetta

Requisition ID: 17006278