MTA - Cybersecurity Event Analyst

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

McKesson’s Cybersecurity Event Analyst will be a member or our Cyber Investigations & Response Team (CIRT) responsible for monitoring, detecting, triaging, and responding to security events and incidents in a 24 x 7 global environment. Your mission is to timely detect and respond to security event and possible security incidents from enterprise networks. To execute this mission, you will use data analysis, threat intelligence, and cutting-edge security technologies.

Responsibilities :

• Primary responsibilities include developing and mentoring the SOC L1 / L2 Information Security Analysts, ensuring processes are followed, updating and creating new processes as needed, setting and tracking metrics, and driving new detections / use cases from the SOC Analyst perspective.
• Serves as an escalation point of contact for L1 and L2 Security Operations Center (SOC) analysts.
• Work collaboratively with multiple teams as well as subject matter experts to include threat hunters, counter-threat Intelligence analysts, incident responders and forensic investigators.
• Stay current with and remain knowledgeable about new threats. Analyze threat actor tactics, techniques and procedures (TTPs) from security events across a large heterogeneous network of security devices and end-user systems.
• Utilize security models and frameworks for documenting and tracking purposes, (e.g. MITRE ATT&CK framework, Cyber Kill Chain (CKC) framework).
• Leverage automation and orchestration solutions to automate repetitive tasks.
• Assist with incident response as events are escalated, including triage, remediation and documentation.
• Collaborates with the owners of cyber defense tools to tune systems for optimum performance and to maximize detection and prevention effectiveness. and minimize false positives.
• Work alongside other security team members to search for and identify security issues generated from the network, including third-party relationships.
• Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats.

Minimum Qualifications

Qualifications :

Preferred Technical and Professional Expertise :

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

$97,700 - $162,800

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!