Job Description

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve xe2x80x93 we care.What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrowxe2x80x99s health today, we want to hear from you.Description de PosteNous recherchons un Responsable de la Sxc3xa9curitxc3xa9 de l'Information d'Entreprise (BISO) qui dirigera, planifiera, orientera et contrxc3xb4lera les activitxc3xa9s lixc3xa9es xc3xa0 l'assurance, xc3xa0 la sxc3xa9curitxc3xa9 (information, application et infrastructure) et xc3xa0 la conformitxc3xa9 au sein de l'Unitxc3xa9 Commerciale de McKesson Canada. Ce rxc3xb4le de Responsable de la Sxc3xa9curitxc3xa9 (P6) assure la livraison rxc3xa9ussie des services de gestion des risques informatiques et de sxc3xa9curitxc3xa9 de l'information en conformitxc3xa9 avec les politiques et normes de cybersxc3xa9curitxc3xa9 de McKesson, ainsi que le cadre NIST.Le candidat idxc3xa9al est dynamique, possxc3xa8de une forte prxc3xa9sence et une passion pour apporter de la valeur xc3xa0 la fonction de cybersxc3xa9curitxc3xa9. Il possxc3xa8de une expertise approfondie en sxc3xa9curitxc3xa9 technique, gouvernance et gestion des risques, et sera le principal dxc3xa9fenseur des initiatives de sxc3xa9curitxc3xa9 dans l'unitxc3xa9 commerciale, en maintenant une cohxc3xa9rence avec l'organisation de cybersxc3xa9curitxc3xa9 de McKesson.Le candidat travaillera directement avec les dirigeants seniors de l'entreprise et devrait avoir les capacitxc3xa9s requises pour rxc3xa9ussir xc3xa0 ce niveau. Cette personne fera partie d'une grande xc3xa9quipe de professionnels de la sxc3xa9curitxc3xa9 dans une structure conxc3xa7ue pour les aider xc3xa0 rxc3xa9ussir dans la fourniture d'une sxc3xa9curitxc3xa9 de premier ordre xc3xa0 ce groupe de parties prenantes.Ce rxc3xb4le relxc3xa8ve directement du Deputy CISO.Compxc3xa9tences requises :Historique dxc3xa9montrable d'exxc3xa9cution impactante dans ce domaine.Penseur stratxc3xa9gique avec la capacitxc3xa9 de communiquer et d'influencer tant au niveau des xc3xa9quipes techniques qu'au niveau de la haute direction.Capacitxc3xa9 xc3xa0 intxc3xa9grer divers contrxc3xb4les de sxc3xa9curitxc3xa9 et de protection des donnxc3xa9es pour identifier et attxc3xa9nuer efficacement les risques.Solide connaissance des plateformes technologiques cybernxc3xa9tiques qui aident xc3xa0 la Dxc3xa9tection et xc3xa0 la Protection, et capacitxc3xa9 xc3xa0 interagir avec ces xc3xa9quipes en tant que pair.Bonne familiaritxc3xa9 avec les mxc3xa9canismes de contrxc3xb4le de la sxc3xa9curitxc3xa9 de l'information, des applications et de l'infrastructure.Expxc3xa9rience dans l'utilisation du cadre NIST pour une gestion efficace de la cybersxc3xa9curitxc3xa9 et des risques.Solide comprxc3xa9hension des lois sur la protection de la vie privxc3xa9e, des rxc3xa9glementations sur la protection des donnxc3xa9es, des pratiques de notification de violation et de la gestion des rxc3xa9ponses aux incidents.Capacitxc3xa9 xc3xa0 agir en tant que conseiller de confiance et partenaire de l'Unitxc3xa9 Commerciale de McKesson Canada, en articulant clairement le paysage des risques et en fournissant des recommandations sur les domaines oxc3xb9 l'unitxc3xa9 devrait concentrer son attention et ses ressources du point de vue des risques cybernxc3xa9tiques.Principales responsabilitxc3xa9s :Gestion des risques :Gxc3xa9rer les exigences spxc3xa9cifiques en matixc3xa8re de cybersxc3xa9curitxc3xa9 et de risque pour McKesson Canada, en veillant xc3xa0 une exxc3xa9cution de haute qualitxc3xa9.Coordonner les examens des risques informatiques, de la conformitxc3xa9 et des audits, et aider xc3xa0 la remxc3xa9diation des constatations.S'assurer que les programmes technologiques sont conformes aux lois, rxc3xa9glementations et politiques de cybersxc3xa9curitxc3xa9 de McKesson pertinentes.Conformitxc3xa9 :Diriger de manixc3xa8re proactive et participer aux initiatives des fonctions corporatives pour reprxc3xa9senter la fonction de cybersxc3xa9curitxc3xa9.S'assurer que les programmes de sxc3xa9curitxc3xa9 rxc3xa9pondent aux constatations de gestion des risques informatiques et suivent les lois, rxc3xa9glementations et politiques pertinentes.Engagement des parties prenantes :Fournir des conseils pratiques et des orientations permettant xc3xa0 l'Unitxc3xa9 Commerciale de prendre des dxc3xa9cisions de priorisation basxc3xa9es sur les risques cybernxc3xa9tiques.Rapporter les principaux indicateurs de risque et de performance en matixc3xa8re de cybersxc3xa9curitxc3xa9 xc3xa0 la direction de McKesson Canada pour une prise de dxc3xa9cision xc3xa9clairxc3xa9e.Dxc3xa9velopper de solides partenariats avec les leaders informatiques et les xc3xa9quipes de service de cybersxc3xa9curitxc3xa9 pour gxc3xa9rer le risque de cybersxc3xa9curitxc3xa9 de McKesson Canada.Qualifications minimales :Diplxc3xb4me de licence ou expxc3xa9rience xc3xa9quivalente en sxc3xa9curitxc3xa9 de l'information, informatique ou domaine connexe.Plus de 15 ans d'expxc3xa9rience professionnelle pertinente, dont plus de 8 ans dans des rxc3xb4les impactants interagissant avec des parties prenantes senior dans une fonction de cybersxc3xa9curitxc3xa9 ou de technologie.Certifications prxc3xa9fxc3xa9rxc3xa9es : CISSP, CISM ou certifications xc3xa9quivalentes.Le.la titulaire de ce poste aura xc3xa0 soutenir de faxc3xa7on quotidienne des clients internes et/ou externes xc3xa0 lxe2x80x99extxc3xa9rieur du Quxc3xa9bec et/ou aux xc3x89tats-Unis. Par consxc3xa9quent, ce poste requiert une maxc3xaetrise de lxe2x80x99anglais xc3xa0 lxe2x80x99xc3xa9crit et xc3xa0 lxe2x80x99oral. Veuillez noter que le nombre de postes dont les txc3xa2ches requixc3xa8rent une connaissance de la langue anglaise a xc3xa9txc3xa9 restreint dans la mesure du possible.We are looking for a Business Information Security Officer (BISO) who will lead, plan, direct, and control activities for assurance, security (information, application, and infrastructure), and compliance across the McKesson Canada Business Unit. This Security Principal (P6) role ensures successful delivery of Information Security and IT risk management services in compliance with McKesson Cyber Security policies, standards, and the NIST framework.The ideal candidate has high energy, strong presence, and a passion for delivering value from the cybersecurity function. They possess deep technical security, governance, and risk expertise and will be the primary advocate for security initiatives in the BU, maintaining consistent alignment with the McKesson Cyber Security organization.The candidate will work directly with senior leaders across the business and should have the requisite capabilities to succeed at that level. This individual will work as part of a large team of security professionals in a structure designed to help them succeed in delivering best-in-class security to this stakeholder group.This role reports directly to the Deputy CISO.Required Skills:Demonstratable track record of impactful execution in this space.Strategic thinker with the ability to communicate and influence at both technical team and senior management levels.Ability to integrate various security and data protection controls to identify and mitigate risk effectively.Strong knowledge of cyber technology platforms that assist with Detect and Protect and the ability to interact with those teams as a peer.Strong familiarity with information, application, and infrastructure security control mechanisms.Experience utilizing the NIST framework for effective cybersecurity and risk management.Strong understanding of privacy laws, data protection regulations, breach notification practices, and incident response management.Ability to act as a trusted advisor and partner to the McKesson Canada BU clearly articulating the risk landscape and providing input as to where the BU should focus their attention and resources from a cyber risk perspective.Key Accountabilities:Risk Management:Manage McKesson Canada specific cyber security and risk requirements, ensuring high-quality execution.Co-ordinate IT risk, compliance, and audit reviews, and assist with remediation of findings.Ensure technology programs comply with relevant laws, regulations, and McKesson cyber security policies.Compliance:Proactively lead Participate in corporate function initiatives to represent the cybersecurity function.Ensure security programs address IT risk management findings and follow relevant laws, regulations, and policies.Stakeholder Engagement:Provide practical advice and direction enabling the BU to make cyber risk-based prioritization decisionsReport Key Risk and cyber security performance Indicators to McKesson Canada leadership for informed decision-making.Develop strong partnerships with IT leaders and Cyber Security service teams to manage McKesson Canada cyber security risk.Minimum Qualifications:Bachelorxe2x80x99s Degree or equivalent experience in Information Security, Computer Science, or related field.15+ years of relevant professional experience, including 8+ years in impactful roles interacting with senior stakeholders in a cyber security or technology function.Preferred Certifications: CISSP, CISM, or equivalent certifications.The incumbent of this position will provide daily support to internal and/or external clients outside Quebec and/or in the United States. Therefore, he/she must be proficient in spoken and written English. Please note that the number of positions requiring English language skills has been limited where possible.We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, pleaseOur Base Pay Range for this position$120,600 - $201,000McKesson is an Equal Opportunity EmployerMcKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKessonxe2x80x99s full Equal Employment Opportunity policies, visit our page.Join us at McKesson!

McKesson