McKesson
is hiring
Senior Business Analyst, Compliance
About Our Company
As a global healthcare company, we touch virtually every aspect of health. We work with biopharma companies, care providers, pharmacies, manufacturers, governments, and others to deliver insights, products and services that make quality care more accessible and affordable.
Job Description & Responsibilities
Job Title: JR0098163 Sr. Compliance Business Analyst, Imaging & Content Platforms
Job Responsibilities include:
- Conduct audit simulations and sampling
- SOX control reviews and ownership designation for improvement opportunities
- Evaluate any new vulnerabilities, encryption requirements or other ISRM related requests
- Coordinate delivery dates and prioritization across app owners for tech for tech initiatives
- Establish a central library of controls and standards
On New Projects/Initiatives:
- Participate as the project begins by establishing standards and governance aligned to AVEC
- Establish a checklist approach
- Emphasis on security by design and offensive engineering
- Support a centralized provisioning model
For Existing In-Scope Systems:
- Conduct investigations
- Establish a ranking for application’s ability to pass an audit
- Form remediation plans and drive alignment with app owners and leadership
For Audits/Assessments:
- Participate in internal and external audits as “coaches” during the process
- Enable visibility across apps to drive consistency in response and remediation efforts identified by auditors
- Support app owners in change control sampling, UARs, effective responses to audit
- Coordinate with auditors/stakeholders on managing timelines associated to delivery of audit samples
For Identified deficiencies/improvement opportunities:
- Ownership of end-to-end remediation tasks
- Act as consultants to the app owners and other parts of MT
- Own escalation and prioritization
For Legacy/EOL applications:
- Identify areas where current applications can be reduced or shifted to alternate platforms
- Support app rationalization efforts by limiting investments in legacy tech
- Conduit to BISO's, Compliance Officers and other Stakeholders
Requirements
Good to have experience in compliance with ITGC, SOX, HIPAA, SOC and other regulations
What we offer
As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.
Our Base Pay Range for this position
$100,200 - $167,000