Tomorrow’s health is… Tackling challenges no one else can.

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Position Overview:

We are looking for a highly motivated and detail-oriented security analyst to join our Identity Access Management team. This role is responsible for supporting the day-to-day security operations of SAP and JD Edwards EnterpriseOne (E1) systems. The analyst will handle Level 1 and Level 2 service tickets, troubleshoot user access and authorization issues, maintain access roles and security parameters, and assist with compliance and audit-related tasks. This is an excellent opportunity for someone looking to grow their career in enterprise application security and compliance.

Key Responsibilities:

Access Management & Operational Support

• Respond to and resolve Level 1 and Level 2 help desk tickets related to user access, password resets, and authorization issues in SAP and JD Edwards E1.
• Perform user provisioning and de-provisioning in accordance with established access control policies and procedures.
• Maintain and update user roles, profiles, and authorizations, ensuring proper segregation of duties (SoD) and least privilege access.
• Troubleshoot and resolve access-related issues, including role conflicts, missing authorizations, and system errors.
• Collaborate with business units and application owners to define and implement appropriate access roles and permissions.

Security Configuration & Maintenance

• Maintain and monitor security parameters and system settings in SAP and JD Edwards E1 to ensure compliance with internal policies and external regulations.
• Assist in the development and maintenance of role-based access control (RBAC) models and documentation.
• Support periodic role clean-up and optimization efforts to reduce excessive or outdated access.

Monitoring & Incident Response

• Monitor system logs, alerts, and dashboards for suspicious activity or unauthorized access attempts.
• Monitor system alerts for process failures and system health checks, ensuring timely identification and resolution of operational issues.
• Escalate potential security incidents to senior analysts or the incident response team as appropriate.
• Participate in root cause analysis and remediation efforts for access-related incidents.

Compliance & Audit Support

• Assist in the execution of internal controls related to user access, including quarterly access reviews, SoD reviews, and audit trail validation.
• Prepare and maintain documentation to support internal and external audits, including SOX, SOC, and GDPR compliance.
• Ensure that all access-related activities are properly logged, tracked, and auditable.

Process Improvement & Documentation

• Contribute to the development and continuous improvement of security operations procedures, knowledge base articles, and training materials.
• Identify opportunities to automate or streamline access management and monitoring processes.

Required Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field, or equivalent combination of education and experience.
• 1–2 years of experience in IT security, help desk support, or enterprise application administration.
• Hands-on experience with SAP and/or JD Edwards EnterpriseOne (E1) security administration.
• Familiarity with compliance frameworks such as SOX, SOC, GDPR, or similar regulatory standards.
• Understanding of identity and access management (IAM) principles and role-based access control (RBAC).
• Strong analytical and troubleshooting skills with attention to detail.
• Excellent written and verbal communication skills.
• Ability to work independently and collaboratively in a fast-paced environment.

Preferred Qualifications:

• Experience with ticketing systems such as ServiceNow, Remedy, or Jira.
• Exposure to security monitoring tools, audit logging, or SIEM platforms.
• Basic scripting or automation skills (e.g., PowerShell, Python) are a plus.
• Relevant certifications such as CompTIA Security+, SAP Certified Technology Associate – System Security, or Certified Information Systems Auditor (CISA).

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to supportphysical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.

Our Base Pay Range for this position