VP, Enterprise Access Management
McKesson Europe
Atlanta Metro
6d ago

The Vice President of Enterprise Access Management is responsible for the development leadership of an enterprise identity and access management (IAM) technical team, globally delivering a cohesive set of technical capabilities across the full lifecycle of employee, partner, and customer identity and access.

The role will work closely with stakeholders internally and externally to lead technical IAM services. The VP is ultimately responsible for the human and technical resources required to meet commitments for and support the enterprise security and access management environment for McKesson.

  • This leader will demonstrate extensive knowledge and experience reviewing access requests from users; conducting analysis of users’ needs in order to make appropriate decisions for provisioning / de-provisioning;
  • defining Identity Governance in line with the legal / regulatory requirements and McKesson’s policy framework.

    Position Description

    Responsibilities will include :

  • Development leadership People leadership supporting identity management technical team members across multiple products and disciplines including access management, identity governance, privilege access, directory services, role based access controls, public key infrastructure (PKI) and cryptography.
  • Strategic Planning Develop and maintain a comprehensive vision and strategy of how identity services can and will be used to accomplish department objectives of protecting our systems and data while facilitating new and existing business models highly dependent on technology.
  • Program Management Assist in managing a large portfolio of identity services and the pipeline of projects / tasks to create, evolve, and change them as needed.
  • Various peers and partners will provide support from the Information Security and Risk Management (ISRM) organizations including risk management alignment, project management, financial planning, and human resources.

  • Operations Lead adoption of capabilities that delivers business critical control sets including : Provisioning, authentication, authorization, and password management, access request management, workflow and approval management, privileged access management, web access SSO, cloud, mobile, and federated SSO, risk based adaptive access, API security, Active Directory, virtual directory services, meta directory, IAM synchronization, Graph data services, access certification, SOD detection and prevention, role governance and data mining, behavior analytics, and ERP security.
  • Project Odyssey Program sponsorship relative to meeting IT SOX Access Management requirements and creating long-term sustainability by delivering an integrated Enterprise Access Management and Identity Governance capability.
  • Routinely collaborate with other stakeholders across the enterprise including security architecture, active defense, security systems administration / tools management, application security, and security software engineering to defend our enterprise.
  • Coordinate closely with the ISRM leadership team to provide regular metrics and reporting to measure the efficiency and effectiveness of the services, facilitate appropriate resource allocation, and increase the overall maturity of security capabilities.
  • Collaborate with other corporate functions including Internal Audit, Legal and Compliance, Privacy, and Enterprise Sourcing to ensure that the organization maintains a strong security posture.
  • Liaise with Business Information Security Officers (BISOs) for cybersecurity and IT Risk & Compliance Management program needs within business units.

  • Develop and manage a security budget and develop strategic plans to invest resources to efficiently reduce cybersecurity risk.
  • Minimum Requirements

  • 15+ years of professional experience in a technical, development, security, or related IT field
  • 10+ years diversified leadership, planning, communication, organization, and people motivation skills.
  • Critical Skills

  • 8+ years in one of the following : cybersecurity / information security / software development / infrastructure
  • Minimum of 5 years’ experience in IAM services, security engineering, software development, other IT, and / or technical risk management
  • Strong management skills planning, organizing, leading, and measuring service driven teams
  • Strong interpersonal and communications skills to build / maintain ongoing business relationships
  • Experience with compliance regulations / laws, security frameworks and standards (e.g., NIST, HIPAA, ISO, COBIT, OWASP , ITIL, FedRamp, GDPR, etc.).
  • Ability to exercise and mentor others on good professional judgment and security related ethics
  • Additional Knowledge & Skills

  • Knowledge of the healthcare, distribution, or software industries is a plus
  • Experience with law enforcement, defense, or intelligence community a plus
  • Knowing Our Business Develops market and business unit analysis, strategic priorities, and / or financial assumptions for McKesson’s long-range planning process.
  • Communicates a view of the desired future state of the business to senior executives

  • Technology Integration Ability to integrate various security and data protection technologies and controls into a cohesive architecture that sufficiently mitigates risk.
  • Risk Expertise Understands and has knowledge of risk areas including regulatory, operational, information, technology risk and industry specific legalese
  • Information Security Good knowledge of information, application and infrastructure security control mechanisms
  • Consulting & Advisory Act as a trusted advisor and partner; Ensure IT security program compliance through relationships, partnerships, and professional influence.
  • Enterprise Orientation / Global Mindset Drives synergies and partnership between Business Units at the global enterprise level
  • Preferred qualifications : CISSP, CISA, CISM
  • Education

    4 year degree in computer science, other engineering, or related field or equivalent experience

    McKesson is an Equal Opportunity / Affirmative Action employer.

    All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.

    Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

    McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities.

    If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to McKessonTalentAcquisition mckesson.

    com . Resumes or CVs submitted to this email box will not be accepted.

    Current employees must apply through the internal career site.

    Join us at McKesson!

    Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form