We are seeking a Sr. Insider Protection Analyst to join our team in Alpharetta, GA, Scottsdale, AZ or Irving, TX.
The ideal candidate for this job will be an experienced information security practitioner who is goal-oriented and strives to exceed expectations. The candidate will have a demonstrated comprehension of insider threat planning, identification and components of an insider threat program, insider threat team development, strategies for effective communication of the program, and effective implementation and operation of the program within the organization.
Lead and collaborate on implementation of the Insider Threat Program.
Review the Insider Threat Program policy as part of the Policy Lifecycle process.
Recommend strategies to prevent potential insider threat behavior or incidents.
Monitor existing policies and suggest modifications to enhance the capabilities of the Insider Threat Program.
Collaborate with law enforcement (through the Incident Response team), industry experts, and internal and external peers to enhance the Insider Threat Program behavioral models and detection techniques.
Create roadmaps for the ongoing improvement of the Insider Threat Program.
Responsible for daily operations and management of the Insider Threat Program.
Develop a training curriculum for members of the Insider Threat Program team.
Develop and perform processes for the Insider Threat Team Program, including which types of alerts to evaluate, and reporting, response and remediation steps, in collaboration with key stakeholders
Conduct analytical and critical thinking; understand problem set, review facts, make accurate observations and judgments and provide recommendations
Provide advice and expert guidance on security issues affecting business process and procedures exploitable by insiders (both accidental and malicious actions)
Provide input to the Insider Threat Program based on known and unknown threat behavior models.
Build and implement processes and technologies to detect high-risk insider activities that are accidental or malicious in nature.
Design reporting mechanisms for potential or actual insider threats.
Create and implement constructs for early warning detection of potential insider threats.
Test existing behavioral constructs for applicability and effectiveness.
Evaluate technologies to enhance detection capabilities of behavioral constructs.
Coordinate and collaborate with the SOC, Help Desk, IT, CTI, DLP, and Corporate Physical Security Risk teams and Business Units (BUs) to remediate/mitigate identified risks.
Review existing technology capabilities and limitations and build business case for recommended new technology capabilities
Conduct ongoing research of cyber insider threat theft
Provide specialized intelligence and threat analysis and production support
Develop information and technical support documents, summaries, reports, presentations, and other designated products
Present briefings to designated personnel
Write clear, concise and timely intelligence products that identify, analyze, and collate disparate pieces of information
Develop baseline of normal Network Device Behaviors; Implement User Behavior Analytics tool
Conduct risk assessments (on a regular basis), including risks to trade secrets, salary data, proposal data, proprietary data, strategic plans, Personally Identifiable Information (PII), and IT systems and servers, etc.
Ensure access and logging to identified critical assets
Monitor and Respond to Suspicious or Disruptive Behavior
7+ years relevant experience
3+ years’ experience with security issues, vulnerabilities, regulatory and legal changes, and security standards that may impact Information Security
1+ years’ experience with Insider Threat Program, and with Information Security and network best practices
4+ years’ experience providing advice and expert guidance on security issues affecting business process and procedures exploitable by insiders (both accidental and malicious actions)
Additional Knowledge and Skills
Strong verbal and written communication skills
Ability and willingness to share on-call responsibilities, work non-standard hours, and travel (up to 20%) when required
Project management experience
Working knowledge of the principles of network and endpoint security, current threat and attack trends, and security principles
Must effectively deal with rapid technological and business changes while maintaining enthusiasm, displaying sound judgment, and being a complex problem solver
Develops and implements training programs and remedial actions as necessary
Up to 20%
Bachelor's degree or equivalent experience
General Office Demands
Must be authorized to work in the US. Sponsorship is not available for this position
Internal Number: JR0031643
About McKesson Corporation
We deliver careers with purpose and potential. Our focus on better health starts with creating an inclusive environment with strong values where you can build a fulfilling career. You can count on us to provide you with resources and opportunities to grow and be your best, while contributing to our pursuit of improving lives. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient. We work to distribute medical supplies, bandages, syringes, vials of flu vaccine, and pharmaceutical drugs to help real patients like Jack, an eight-year-old boy battling cancer. We take that job seriously. Together, the work we do is shaping the future of healthcare. If you are passionate about combining a meaningful career with a balanced life, join us on this journey and apply for a job with McKesson today.