Senior Cyber Threat Intel Analyst

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Job Description

Position Description/Responsibilities 

• Ability to manage short and long-term intel priorities and internal customer relationships. 
• Identify gaps in business process, technology, and threats to elevate specific Risks. 
• Write clear, succinct, and audience-specific reports and presentations to convey analytic insight from publicly available information (PAI) and commercially available intelligence (CAI).  
• Respond to requests for information by investigating threats in PAI and CAI, and developing further context in investigative tools (e.g. virus total, silent push, spy cloud,  etc.) 
• Leverage threat intelligence platform data collection and triage to deliver value via ticket, alert, or dashboard for insight into an IOC, TTP rule, actor behavior, campaign, or trend.  
• Enable detection with proactive investigative threat hunting leads and directly support incident response with real-time context during investigations.  
• Develop and refine playbooks, workflow, and process mapping ensuring proper escalation and handoffs within the CTI and Information Security Risk Management organization.  

Critical Requirements 

• Demonstrated interpersonal, organizational, and communication skills with both technical and non-technical stakeholders.  
• Analytic skills—qualitative and quantitative; creative and curious problem-solving skills.  
• Experience delivering engineering requirements for features, tools, or data improvements.  
• Knowledge working with data, scripting, normalizing, and automating inputs and outputs (e.g. excel macros, python scripts/notebooks, API integration, SIEM dashboards, BI tools) 
• Knowledge of tracking actors across the eCrime, nation state, and fraud domains.  
• Experience driving intel innovation forward, from manual (google), semi-automated (RSS), to automated processing (TIP), dissemination (SOAR), and analytics (e.g. SEIM or business intel)  
• Knowledge of frameworks and how to leverage them to prioritize TTP gaps, actor tracking, and intrusion analysis among others (e.g. MITRE ATT&CK, Diamond Model, Cyber Kill Chain) 

Following Qualifications would be advantageous: 

• 5+ years of professional experience in CTI, incident response, threat hunting, or security engineering or detection roles.  
• Bachelor’s degree in computer science, Information Security, Security Engineering, Management Information Systems, Risk Management. 
• The ideal candidate should possess experience in two or more of the following areas, including: Intel analysis, security research, host and network security, pentesting/offensive security, and security automation. Certifications in or courses like the below are competitive:  

• FOR578: Cyber Threat Intelligence Training 
• FOR610: Reverse Engineering Malware Training 
• SEC503: Network Monitoring and Threat Detection In-Depth 
• SEC560: Enterprise Penetration Testing Course  
• SEC573: Automating Information Security with Python 
• OffSec Certified Professional (OSCP) certification  

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.  In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. 

Our Base Pay Range for this position