SOC Cyber Security Analyst

McKesson   •  

Alpharetta, GA

5 - 7 years

Posted 213 days ago

This job is no longer available.



McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payors, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. We believe in the importance of strong, vital organizations because we know that patients can only be healthy when our system is healthy.

Every single McKesson employee contributes to our mission—by joining McKesson you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

We understand the importance of a system that works together. Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Join our team of leaders to begin a rewarding career.

Wherever you contribute here at McKesson, you will have the ability to make a real impact in the lives of others.


Current Need 

We are searching for a SOC Cyber Security Analyst to join our growing Security Operations Center team.  The candidate must be familiar with SOC monitoring, networkthreat hunting and incident handling.  This position will be located in our Alpharetta, GA or Scottsdale, AZ office.

  Position Description   Responsibilities

  • Review and modify the information securitythreat monitoring toolset content to better detect and preventsecurity incidents

  • Identify false positives and work with appropriate team members for alert tuning

  • Accept escalations for triage and identification of threatevents for escalation to potential security incident

  • Performing the role of incident handler, as necessary

  • Provide consistent and accurate incident and event documentation

  • Perform quality review of tickets for documentation accuracy and consistency

  • Follow formal change control processes and create appropriate documentation for changes to prevent or minimize outages

  • Define and implement automation and orchestration scenarios

  • Develop tools or scripts to automate repeatable tasks

  • Collaborate with Senior  Analysts to keep SOC tools and applications in good health and hygiene

  • Maintain and enforce adherence to corporate and SOC standards, processes and procedures

  • Gathers technical information pertaining to current threat posture for the BUs and Corporate environment, new securitythreats, visible exploit trends

  • Contribute to, compile and distribute the daily shift turnover reports

  • Experience with process design and documentation




Minimum Requirements

  • Typically has 4+ years relevant experience

Critical Skills  

  • Knowledge of foundational security principles

  • Experience with Incident Response and threat hunting

  • Experience searching for published IOCs across many platforms

  • Excellent problem-solving and technical skills

  • Experiencewith ticketing and case management solutions

  • Experience analyzing Firewall/IPS/IDS

  • Experience analyzing user authentication and authorization technologies

  • Ability to multi-task, troubleshoot, and prioritize

  • Proficiency investigating securityevents and incidents to completion

  • Detail-oriented, self-motivated and disciplined, with excellent time management skills 

Additional Knowledge & Skills  

  • Experience across Windows and Unix environments

  • Previous experience with Tanium and Sentinel One or another next gen endpoint detection tool

  • Previous work experience in a Security Operations Center

  • Understanding of database structures and management systems

  • Experience analyzing logs in a SIEM

  • Malware detection and analysis tools

  • Cyber Threat Intelligence

  • Relevant security certifications (CISSP, CISA, GIAC, Security Plus)

  • Automation and orchestration

  • Scriptingexperience – Python, Powershell, etc.

  • Regular expressions
  • Cloud and Office 365Security Monitoring Experience

4-year degree in computer science or related field or equivalent experience

Physical Requirements

General Office Demands