Sr. Cyber Risk Assurance Analyst

Overview

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

Position Summary

McKesson is hiring for a Sr. Cyber Risk Assurance Analyst who will be responsible for collaborating across legal, compliance, and technical teams to ensure alignment with regulatory frameworks such as HIPAA, NIST 800-53, FIPS-140, and CMS ARS. This role requires a strong technical background and deepexpertisein compliance, privacy, and risk management. The ideal candidate will translate complex government regulatory guidance (e.g.,NIST CVE, CMS ARS) into actionable business and technical requirements,driving toward secure and compliant designs that are compliant with relevant reference architecture frameworks.

Key Responsibilities

• Conduct cybersecurity risk assessments for internal systems and third-party applications within the regulated environment.
• Drive vulnerability management plan based on strict risk-based classifications across mul-tiple platforms, engaging all asset owners.
• Contribute to the formulation of cybersecurity strategies by advising risk reduction priorities related to vulnerability trends.
• Ensure compliance with all applicable regulatory frameworks and requirements.
• Translate technical frameworks and regulatory guidance (e.g., NIST CVE, Zero Trust, FIPS-140) into actionable requirements for technical and business teams.
• Collaborate with legal, compliance, and engineering business partners to integrate requirements into contracts and system designs.
• Support continuous audit readiness, evidence collection, and remediation planning.
• Develop and maintain policies and procedures to support regulatory compliance and risk management.
• Partner with multiple business units to ensure success in third-party audits.
• Provide risk insights and recommendations to leadership to improve organizational risk posture.
• Foster a culture of accountability and awareness across the business unit.

Minimum Requirements

Degree or equivalent and typically requires 7+ years of relevant experience

Critical Skills

Additional Skills and Certifications

Compensation and Benefits

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

$99,800 - $166,300

Equal Opportunity

McKesson is an Equal Opportunity Employer. McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson's full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!

#J-18808-Ljbffr