CT - Lead Cyber Security Program Manager
McKesson

Job Info

---

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

We are seeking an experienced and proactive Cybersecurity Service Delivery Lead to oversee key third-party services, MSSP arrangements, and staffing agreements. The ideal candidate is an independent thinker with excellent problem-solving skills who can play an important role in running Cybersecurity as a business. This position will report to the Director of Service Delivery within the McKesson Cybersecurity team and collaborate with leaders across the department. This role requires familiarity with multiple Cybersecurity disciplines as well as meticulous attention to detail.

Role/Responsibilities:

Contract Performance & Governance

• Collaborate with the McKesson Technology Vendor Management function to provide consistent governance over third-party staffing or MSSP service providers, including monitoring Suppliers' compliance with contract terms and conditions, routine attestations and reports and critical deliverables supporting the Cybersecurity teams.
  
• Manage security benchmarking activities to monitor Suppliers' performance against industry standards.
  
• Govern defined SLA commitments and other financial/operational metrics across Cybersecurity.
  
• Lead Cybersecurity third-party staffing or MSSP supplier governance activities.
  
• Prepare regular reports and maintain accurate records of contracts, issues, and any associated activities related to key agreements.
  

Issue Resolution

• Leads effort to manage and resolve issues between internal teams and external Suppliers.
  
• Facilitate timely problem resolution of service or contractual issues to minimize impact of cybersecurity service disruptions.
  

Vendor Selection & New Requirements

• Provide Cybersecurity requirements to potential vendors and assists Sourcing and the MT Vendor Management Office in the negotiation for all amendments, new services and any other changes requiring contractual resolution.
  
• Ensure statements of work or contract amendments are developed to meet business needs, working in partnership with Cybersecurity management and third-party vendors.
  
• Partner with Sourcing to lead vendor selection activities as needed.
  

Compliance and Quality Control

• Validates Suppliers' compliance with industry standard audit reports (e.g., SOC2).
  
• Ensure that appropriate audit controls are in place for Suppliers' processes and invoices.
  
• Ensure suppliers comply with business compliance requirements.
  

Financial Management

• Lead efforts with Cybersecurity leaders to develop new business cases where third-party staffing and services are involved; conduct periodic reviews to ensure commercial arrangement continues to yield value.
  
• Evaluate proposed statements of work value and recommend changes.
  
• Track cybersecurity contractors, maintain financial forecast and communicate changes as needed.
  
• Ensure required company's commercial contracting processes are followed, including aligning to business approvals.
  
• Work with cybersecurity Leaders to identify and implement continuous improvement activities related to those services provided by third-parties, including the reduction of costs and improvement of SLAs.
  

Service Transition and Improvements

• Lead Cybersecurity service transition and transformation activities pertaining to strategic supplier strategies; will include oversight to ensure the development of SOPs, runbooks, etc. across multiple security service areas to support third-party execution of services.
  

Qualifications:

• 10+ years of relevant experience.
  
• Bachelor's degree or equivalent experience.
  

PREFERRED SKILLS AND EXPERIENCE

• Excellent communication and customer-facing skills.
  
• Strong financial acumen and supplier contract management experience.
  
• Strategic to tactical decision-making.
  
• Experience in dealing with third-party-provided services.
  
• Operational ability in a diverse, large-scale environment.
  
• In-depth knowledge of escalation procedures, incident management, and service delivery.
  

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

$139,000 - $231,600

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson's full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!

---