Lead Cybersecurity Architect - Resiliency Focus
McKesson

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

Overview: A Cybersecurity Architect with expertise in business resiliency, cyber vaulting, and backup and recovery is responsible for designing and implementing robust security systems and architectures that not only protect the organization's information assets but also ensure the continuity and rapid recovery of critical business functions. This role involves integrating cybersecurity strategies with business continuity and disaster recovery practices, particularly focusing on safeguarding data through advanced backup and cyber vaulting techniques.

Key Responsibilities:

Security Architecture Design:

• Design and develop comprehensive security architectures that protect the organization's data, applications, and infrastructure, with a particular focus on resilience and rapid recovery.
  
• Create detailed security design specifications and diagrams that incorporate advanced backup and recovery solutions, including cyber vaulting and data replication strategies.
  
• Ensure security designs meet regulatory requirements, industry best practices, and organizational recovery time and point objectives (RTOs/RPOs).
  

Business Resiliency and Recovery Strategy:

• Develop and implement business resiliency strategies that align with the organization's continuity planning and disaster recovery requirements.
  
• Lead efforts in designing and implementing cyber vaulting solutions to secure critical data in isolated, immutable environments.
  
• Collaborate with business continuity and IT disaster recovery teams to integrate cybersecurity controls into broader recovery plans.
  

Backup and Recovery Solution Development:

• Architect and implement secure, scalable backup and recovery solutions to ensure data integrity and availability.
  
• Evaluate and recommend technologies for backup, restoration, and recovery, ensuring that they align with cybersecurity policies and business requirements.
  
• Perform regular testing and validation of backup and recovery systems, including cyber vaulting, to ensure preparedness against potential cyber threats.
  

Implementation and Integration:

• Lead the implementation of security architectures, ensuring seamless integration with existing systems, including backup and recovery tools.
  
• Work closely with IT, development, and business continuity teams to deploy and maintain resilient security solutions.
  
• Ensure that security controls, including those related to data backup and recovery, are implemented effectively, and operate as intended.
  

Security Solution Evaluation:

• Evaluate and select security technologies, tools, and solutions that enhance business resiliency and backup and recovery capabilities.
  
• Conduct proof-of-concept activities and pilot new solutions that improve the organization's ability to withstand and recover from cyber incidents.
  
• Recommend improvements and upgrades to existing security systems, with a focus on recovery and resiliency.
  

Technical Support and Troubleshooting:

• Provide technical support for security incidents, with an emphasis on data recovery and restoration.
  
• Troubleshoot and resolve security-related issues, including those affecting backup and recovery operations.
  
• Ensure that all security solutions, including backup and cyber vaulting systems, are resilient and recoverable.
  

Documentation and Standards:

• Develop and maintain comprehensive documentation for security architectures, designs, and implementations, particularly for backup and recovery solutions.
  
• Establish and enforce security standards, policies, and procedures that include robust business continuity and data recovery practices.
  
• Ensure documentation is up-to-date and accessible to relevant stakeholders, including those involved in business resiliency and recovery planning.
  

Security Assessments and Audits:

• Conduct security assessments and audits to ensure compliance with security policies, standards, and recovery objectives.
  
• Identify vulnerabilities in both security and recovery processes and recommend remediation measures.
  
• Support external audits, regulatory assessments, and business continuity exercises as needed.
  

Collaboration and Communication:

• Collaborate with cross-functional teams, including business continuity, disaster recovery, and IT operations, to ensure security is integrated into all aspects of IT and business operations.
  
• Communicate security architecture designs, including recovery and resiliency strategies, to technical and non-technical stakeholders.
  
• Provide training and guidance on security architecture best practices, emphasizing business resiliency and recovery.
  

Qualifications:

Experience:

• Minimum of 8-10 years of experience in cybersecurity, with a focus on security architecture and business resiliency.
  
• Proven experience in designing and implementing security architectures, including backup and recovery solutions.
  
• Experience with a variety of security technologies, platforms, and recovery tools.
  

Critical Skills:

• Deep understanding of security principles, practices, and frameworks, with a specific emphasis on business resiliency and recovery.
  
• Strong technical skills in areas such as network security, application security, cloud security, and data protection.
  
• Expertise in cyber vaulting, backup, and recovery technologies.
  
• Excellent analytical and problem-solving abilities.
  
• Strong communication and interpersonal skills for effective collaboration and presentation.
  
• Ability to manage multiple projects and priorities in a dynamic environment.
  

Education:

• Bachelor's degree (in Computer Science, Information Technology, Cybersecurity, or a related field), or equivalent work experienc4e.
  
• Advanced technical certifications or a Master's degree is preferred.
  

Certifications:

• Relevant certifications such as CISSP, CISM, TOGAF, CBCP (Certified Business Continuity Professional), or similar are highly desirable.
  

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

$139,000 - $231,600

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson's full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!

---