McKesson Sr. Dir Identity Access Mngt in Munster, Ireland

McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payors, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. We believe in the importance of strong, vital organizations because we know that patients can only be healthy when our system is healthy.

Every single McKesson employee contributes to our mission—by joining McKesson you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.

We understand the importance of a system that works together. Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Join our team of leaders to begin a rewarding career.

Wherever you contribute here at McKesson, you will have the ability to make a real impact in the lives of others.

McKesson has embarked on an important mission to become the leader in cybersecurity for global healthcare. We are making significant investments to enhance our capabilities through talent development, resource levels, process maturity, and technology enablement.

As McKesson’s Sr. Director or VP of Identity and Access Management Engineering, you will be a key component of our team. This position will be responsible for delivering a cohesive set of technical capabilities across the full lifecycle of employee, partner, and customer identity and access. The role will work closely with others across the company and outside the company to lead technical IAM services.

Responsibilities will include:

Strategic Planning – Develop and maintain a comprehensive vision and strategy of how IAM services can and will be used to accomplish department objectives of protecting our systems and data while facilitating new and existing business models highly dependent on technology.

Program Management - Manage a large portfolio of IAM operational services and the pipeline of projects/tasks to create, evolve, and change them as needed. Various peers and partners will provide support from the Information Security and Risk Management (ISRM) and Enterprise Technology Services (ETS) organizations including risk management alignment, project management, financial planning, and human resources.

Operations – Build and lead a team that delivers business critical control sets including:

  • Provisioning

  • Authentication, authorization, and password management

  • Access request management

  • Workflow and approval management

  • Privileged access management

  • Web access SSO, cloud, mobile, and federated SSO

  • Risk-based adaptive access

  • API security

  • Virtual directory services

  • Meta directory

  • IAM synchronization

  • Graph data services

  • Access certification

  • SOD detection and prevention

  • Role governance and data mining

  • Behavior analytics

  • You’ll be given access to a broad set of technology/tools, strong financial support, and the ability to set and drive new/improved directions as needed

Collaboration, Reporting and Financial Management -

  • Routinely collaborate with other stakeholders across the enterprise including security architecture, active defense, security systems administration/tools management, application security, and security software engineering to defend our enterprise.

  • Coordinate closely with the ISRM Program Management team to provide regular metrics and reporting to measure the efficiency and effectiveness of the services, facilitate appropriate resource allocation, and increase the overall maturity of security capabilities.

  • Collaborate with other corporate functions including Internal Audit, Legal and Compliance, Privacy, and Enterprise Sourcing to ensure that the organization maintains a strong security posture.

  • Liaise with Business Information Security Officers (BISOs) for cybersecurity and IT Risk & Compliance Management program needs within business units.

  • Develop and manage a security budget and develop strategic plans to invest resources to efficiently reduce cybersecurity risk.

Minimum Requirements

8 years cybersecurity/information security experience including 4 years management experience

Critical Skills

  • Minimum of 8 years’ experience in IAM services, security engineering, other IT, and/or technical risk management

  • Deep technical understanding of IAM and service lifecycles including capacity planning and change management

  • Strong management skills planning, organizing, leading, and measuring service driven teams

  • Strong interpersonal and communications skills to build/ maintain ongoing business relationships

  • Experience with compliance regulations/laws, security frameworks and standards (e.g., NIST, HIPAA, ISO, COBIT, OWASP, ITIL, etc.).

  • Ability to exercise and mentor others on good professional judgment and security-related ethics

Additional Knowledge & Skills

  • Knowledge of the healthcare, distribution, or software industries is a plus

  • Experience with law enforcement, defense, or intelligence community a plus

  • OSCP, SANS/GIAC, CISSP or other similar professional certifications are a plus


4-year degree in computer science, other engineering, or related field or equivalent experience

Physical Requirements

General Office Demands

Job: Technology

Organization: McKesson Corporate

Title: Sr. Dir Identity Access Mngt

Location: Ireland-Munster-Cork

Requisition ID: 17003781