Overview
CT – Cyber Incident Commander Jobs in Austin, Texas, USA at McKesson
Title: CT – Cyber Incident Commander
Company: McKesson
Location: Austin, Texas, USA
Type: Full Time
Category: IT/Tech, Security
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.
What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.
McKesson’s Cyber Incident Commander, Sr. Manager will be a member of our McKesson Cyber Investigations & Response Team leading Security Operations and Incident Response activities across the Enterprise. You will be responsible for leading activities regarding identifying, containing, eradicating, and recovering from cybersecurity events and incidents. To execute this mission, you will use a combination of strong leadership skills, technical expertise, and an understanding of advanced cybersecurity principles and best practices.
You will lead security event monitoring and incident response efforts by applying your leadership and analytic skills to investigate alerts and escalations, identify malicious activity, and collaborate with enterprise stakeholders.
Responsibilities:
Manage daily security operations activities such as responding to alerts, monitoring the security inbox for escalations, and coordinating with service owners, business stakeholders, and senior leaders. Lead incident response activities as the Incident Commander, such as directing containment and eradication activities, assessing reports, assisting in developing crisis response and communications plans, and directing incident recovery procedures. Oversee all management activities related to security operations, including people management, training, and mentoring of direct reports.
Convey potential and realized risks to business stakeholders and senior leaders with plans for how to remediate them. Generate and report security metrics to ensure appropriate performance and adherence to standards. When directed, create compliance reports and support the audit process. Partner with the security architecture, security engineering and security automation teams to improve tool usage and workflow, as well as with the advanced threats and assessment team to mature monitoring and response capabilities.
Manage career development for team members, including training and mentoring, conducting performance reviews, and exhibiting behaviors to be modeled by team members.
Minimum Requirements:
10+ years of relevant cyber security experience in Threat Hunting, Security Operations, Incident Response, or network security with strong knowledge and experience leading a Security Operations or Incident Response team. Experience training and managing security operations staff. Proficiency in the use and management of Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), and Endpoint Detection and Response (EDR) tools.
Experience in implementing automations to support and augment security operations processes, people, and technology. Experience developing and implementing security policies in an enterprise environment. Experie…