Social network you want to login/join with:
Sr. Information Security Analyst - Platform Security, Cork
Client:
MIR McKesson Cork Business Solutions Unlimited Company
Location:
Cork, Ireland
Job Category:
Other
EU work permit required:
Yes
Job Reference:
63d3626f15f8
Job Views:
3
Posted:
19.04.2025
Expiry Date:
03.06.2025
Job Description:
McKesson is looking for a Senior Information Security Analyst, Threat & Vulnerability Management to help support McKesson information security capabilities and compliance across Business units and Enterprise IT organizations. As a Senior Information Security Analyst, you will be a key member of our Cybersecurity team. The candidate will have a background in Threat & Vulnerability Management and will also help represent the Cybersecurity team on various projects and boards. The Senior Information Security Analyst works with the Sr. Manager, Threat & Vulnerability playing a critical role in safeguarding the organization’s information and systems by identifying and addressing vulnerabilities. This position involves monitoring, analyzing, and advising on vulnerability-related risks.
Responsibilities:
Vulnerability Monitoring:
* Continuously monitor relevant sources (CVE databases, security bulletins, etc.) for newly identified vulnerabilities.
* Assess the impact and severity of vulnerabilities based on the organization’s assets and risk appetite.
* Evaluate the risks posed by identified vulnerabilities to the organization’s information and systems.
* Collaborate with cross-functional teams to prioritize vulnerabilities based on business impact.
Advisory Role:
* Provide actionable recommendations to management regarding vulnerability remediation.
* Advise on appropriate measures to eliminate or reduce the organization’s risk exposure.
Trend Analysis:
* Analyze vulnerability data to identify trends, patterns, and emerging threats.
* Stay informed about industry best practices and evolving attack vectors.
Stakeholder Communication:
* Regularly communicate vulnerability status, progress, and risk mitigation efforts to relevant stakeholders.
* Foster collaboration with IT teams, system owners, and security architects.
Key Results:
* Patch Compliance Rate: Achieve and maintain a high patch compliance rate across all systems and applications.
* Vulnerability Reduction: Continuously reduce the number of critical and high-risk vulnerabilities within the organization.
* Response Time: Minimize the time taken to remediate vulnerabilities after discovery.
* Stakeholder Satisfaction: Gather feedback from stakeholders on vulnerability management effectiveness and adjust strategies accordingly.
Qualifications (Education, Experience, Skills/Competencies):
* Degree in IT Security, Information Systems, Computer Science, Engineering, Information Security, or a related field or equivalent experience.
* 5+ years of experience in systems and/or applications security, including maintenance and use of security products in a distributed enterprise environment, Network and Infrastructure Security, Vulnerability Management, Cloud Security, and Data Protection Controls.
* Knowledge of investigative methodologies and decomposing behavioral profiles to develop investigative plans.
* Ability to manage security vulnerabilities and risks across the organization, including identifying and supporting application/system owners to manage risks and remediate vulnerabilities.
* Ability to analyze site/enterprise Computer Network Defense policies and configurations and evaluate compliance with regulations and enterprise directives.
* Knowledge of Security and Control Frameworks such as NIST, ISO, Cloud Security Alliance, CMMC, etc.
* Knowledge of network protocols IDS/IPS, DNS, TCP/IP, and network defense components.
* Security related qualification(s) such as CISSP, GPEN, GCIH, CEH, CISA, CRISC, IAT, CISM, or GIAC.
Additional Knowledge & Skills (Optional):
* Knowledge of healthcare, privacy, and financial compliance regulations.
* Knowledge and experience with secure deployment of applications within a cloud environment.
* Experience with law enforcement, defense, or intelligence community.
* Strong analytical and troubleshooting skills with an understanding of IT business operations and information security.
* Experience with Vulnerability Management Tooling.
At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being.
Please note that if you are NOT a passport holder of the country for the vacancy you might need a work permit. Check our Blog for more information.
Bank or payment details should not be provided when applying for a job. Eurojobs.com is not responsible for any external website content. All applications should be made via the 'Apply now' button.
#J-18808-Ljbffr