McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Position Description/Responsibilities: 

Ability to manage short and long-term intel priorities and internal customer relationships. 

Identify gaps in business process, technology, and threats to elevate specific Risks. 

Write clear, succinct, and audience-specific reports and presentations to convey analytic insight from publicly available information (PAI) and commercially available intelligence (CAI).  

Respond to requests for information by investigating threats in PAI and CAI, and developing further context in investigative tools (e.g. virus total, silent push, spy cloud, etc.).

Leverage threat intelligence platform data collection and triage to deliver value via ticket, alert, or dashboard for insight into an IOC, TTP rule, actor behavior, campaign, or trend.  

Enable detection with proactive investigative threat hunting leads and directly support incident response with real-time context during investigations.  

Develop and refine playbooks, workflow, and process mapping ensuring proper escalation and handoffs within the CTI and Information Security Risk Management organization.  

Minimum Qualifications:

Degree or equivalent and typically requires 7+ years of relevant experience.

Critical Experience/Skills: 

The ideal candidate should possess experience in two or more of the following areas, including: Intel analysis, security research, host and network security, pentesting/offensive security, and security automation.

5+ years of professional experience in CTI, incident response, threat hunting, or security engineering or detection roles. 

Demonstrated interpersonal, organizational, and communication skills with both technical and non-technical stakeholders.  

Analytic skills—qualitative and quantitative; creative and curious problem-solving skills.  

Experience delivering engineering requirements for features, tools, or data improvements.  

Knowledge working with data, scripting, normalizing, and automating inputs and outputs (e.g. excel macros, python scripts/notebooks, API integration, SIEM dashboards, BI tools) 

Knowledge of tracking actors across the eCrime, nation state, and fraud domains. 

Knowledge of frameworks and how to leverage them to prioritize TTP gaps, actor tracking, and intrusion analysis among others (e.g. MITRE ATT&CK, Diamond Model, Cyber Kill Chain) 

Preferred Experience/Skills:

Bachelor’s degree in computer science, Information Security, Security Engineering, Management Information Systems, Risk Management. 

Certifications in or courses like the below are competitive:  

FOR578: Cyber Threat Intelligence Training 

FOR610: Reverse Engineering Malware Training 

SEC503: Network Monitoring and Threat Detection In-Depth 

SEC560: Enterprise Penetration Testing Course  

SEC573: Automating Information Security with Python 

OffSec Certified Professional (OSCP) certification  

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.  In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. 

Our Base Pay Range for this position