McKesson Cyber Security Analyst (Business) in England, United Kingdom

Cyber Security Analyst (Business)


McKesson Corporation (NYSE: MCK) is a leading healthcare services company dedicated to delivering the vital medicines, supplies and information technologies and services that enable the healthcare industry to provide patients better, safer care. McKesson is in business for better health. As a company working with healthcare stakeholders in every setting, McKesson is charting the course toward a stronger, more sustainable future for the entire industry.

McKesson’s history is a fascinating journey of an American company playing a transformational role in healthcare, technology and supply chain excellence. Established in 1833, McKesson is the oldest and largest healthcare services company in the United States. McKesson serves more than 50% of American hospitals, 20% of physicians and 100% of health plans, and as the largest pharmaceutical distributor in North America, delivers one-third of all medications used there every day.

McKesson is made up of many businesses, all serving the Healthcare Industry. Its businesses fall into one of two primary business segments: Distribution Solutions or Technology Solutions.

Global Expansion

McKesson recently acquired Celesio, leading international wholesale and retail company and provider of logistics and services to the pharmaceutical and healthcare sectors. This acquisition brought together the strengths and expertise of two leaders in the global healthcare industry, with complementary geographic footprints – through pharmaceutical wholesaling, community pharmacy care and information technology – and collective healthcare experience of over 360 years.

With operations in more than 20 countries and approximately 85,000 employees worldwide, McKesson Corporation expects to create value and to support better health globally, building upon its portfolio of businesses across both segments, many of which have market leading positions today. As demand for healthcare is growing all over the world, McKesson is well positioned as a global healthcare services leader.

Celesio operates in 14 countries and serves over 2 million customers every day at about 2,200 pharmacies of its own and over 4,300 participants in brand partnership schemes. The proactive and preventive approach ensures that patients receive the products and support that they require for optimum care. With more than 38,000 colleagues and with 134 wholesale branches, Celesio supplies 65,000 pharmacies and hospitals every day with up to 130,000 pharmaceutical products. The services benefit a patient pool of about 15 million per day.

McKesson Corporation reported revenue of $190 billion in FY2016 and was ranked #11 on the Fortune 500 in 2015.

Job Summary

We are driving to forge close alignment across McKesson to ensure that all areas of the business are appropriately protected from cyber threats. There is now a focus on the cyber security agenda from the highest level, and initial benchmarking suggests numerous areas in need of improvement. Driving growth in retail is also a business priority: this will increase our exposure to cyber threat, so we must ensure our defences keep pace with these changes and evolution of our global business.

The purpose of this role is to support the European Director of Cybersecurity in the program delivery of effective and efficient cyber defences for McKesson in Europe. There is a need for close collaboration with European business and technology stakeholders to identify operational business requirements for effective cyber security technology selection and implementation.

Key Responsibilities/ESSENTIAL FUNCTIONS

As a McKesson’s Manager of Cyber Security, the key responsibilities will include:

Cybersecurity Program Support

  • Understand and incorporate the corporate Global and European defined strategies to directly support all components of the cybersecurity program and will:

  • Lead components of the broader cybersecurity program management through extensive collaboration across all levels of business and technology stakeholders across the European enterprise.

  • Manage business stakeholder engagement to capture requirements and coordinate the development of appropriate cybersecurity controls for SIEM, firewalls, threat and vulnerability management, and other components of the network security architecture.

  • Provide technical recommendations on appropriate network architecture and security components based on business or organisational requirements.

  • Coordinate and lead workshops with business and technology stakeholders to identify and/or validate appropriate cybersecurity architectures and controls.

  • Collaborate with the global technical stakeholders to ensure that enterprise security projects are consistent with global standards and regional business requirements.

  • Assess and recommend improvements to cybersecurity technologies across the enterprise to include SIEM use cases, system log management, business continuity and disaster recovery solutions, and endpoint security programs.

  • Produce technical and programmatic gap analysis reports and develop project delivery roadmaps for technical projects as required.

  • Develop and coordinate the delivery of relevant cybersecurity reporting metrics to the ECISO and European Director of Cyber Security through internal collaboration with internal stakeholders such as Policy Compliance, third party vendors, system and application owners, and Director of Cyber Risk.

  • Provide regular (e.g., weekly, monthly) status reporting for a wide audience on all projects.

  • Work closely with IT Governance in supporting priority risk management and compliance initiatives as part of the broader risk management plan.

Minimum Requirements

  • 3-5 years of cybersecurity and/or consulting experience within a large enterprise environment.

  • Clear understanding of network security technologies to include SIEM, threat and vulnerability management, firewalls, and Identity and Access Management solutions. Experience in a SOC environment preferred.

  • Hands-on experience implementing, configuring and running SIEM platforms to include the development of use cases and managing system logs.

  • Scripting language, i.e. Perl, Python, or other, and experience managing and manipulating data sets such as security logs or database records.

Additional Requirements:

  • Cybersecurity analytics experience to include the development or maintenance of network and security statistics.

  • Clear understanding of TCP/IP, routing and switching architecture, port filtering, integration of network technologies into existing network infrastructures, and network traffic/packet analysis.

  • Experience in assessing maturities and developing improvement roadmaps for cybersecurity programs.

  • Effective time management and project management skills and experience managing multiple projects independently. International experience preferred.

  • Experience working in diverse environments to include technology and business environments.

  • Must have excellent written and verbal skills to deliver briefings and reporting to all levels of global stakeholders.


• Bachelor’s degree required, with a preference for studies in Technology such as computer science, engineering or similar field.

Benefits & Company Statement

McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.

We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting.

But we can’t do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities.

Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

Job: Technology

Organization: McKesson Corporate

Title: Cyber Security Analyst (Business)

Location: GBR-England-London

Requisition ID: 17004307