McKesson Corporation
Senior SOC Compliance Analyst
McKesson Corporation, Irving, Texas, United States, 75084
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.Job Title: SOC Compliance Senior AnalystCurrent Need:The SOC Compliance Senior Analyst will support the SOC Compliance team in leading activities to support multiple SOC audits and issuance of SOC reports across the enterprise within a large and complex environment. This role will report to the Director of SOC Compliance with the ensuring timely delivery of SOC reports, leading the discussions with external and internal resources, supervising the activities of lesser experienced staff to support SOC Compliance activities, and providing advisory to internal stakeholders.This position will require an individual that is collaborative and able to drive discussions with external resources (e.g., external auditors), MT delivery and solution teams, as well as other internal teams executing or supporting SOC controls.SOC Compliance Senior Responsibilities:Supervision and Leading Others
Assist in managing McKesson's ongoing responsibilities associated with the issuance of SOC 1 and 2 reportsSupervise and mentor lesser experienced personnel, including temporary outside workersAssist with the onboarding, integration, and training of new team membersManage positive and collaborative relationship between corporate IT, business unit IT departments, Enterprise Financial Controls, and IT Compliance
Compliance Responsibilities
Obtain an in-depth knowledge of the McKesson systems and processes underlying technologies and controls within the assigned SOC 1 and 2 reportsLead SOC 1 and 2 audit related discussions independentlyRespond to or assist control owners in responding to audit related requests (e.g. audit evidence, follow-ups, etc)Drive the timely and complete response to audit related requestsServe as a liaison between the business units, corporate Information Technology (IT), business unit IT departments, and the external auditors in all aspects of their assigned SOC 1 and 2 reports to ensure timely completion of SOC audits and SOC report issuanceMaintain an understanding of AICPA SOC standards, and other relevant guidance issued regarding SOC 1 and SOC 2 and the impact to the SOC compliance environment
Remediation Responsibilities
Assist in the coordination of remediation activities to address deficienciesAssist in discussions with management in developing remediation plans to address deficienciesAssist with monitoring of implementation and completion of remediation efforts
Timely delivery of SOC reports
Assist with providing regular status updates on accomplishments, next steps, and awareness to governance and program teamsAssist with developing detailed plans, identifying SOC project risks and possible mitigationsAssist with identifying critical path and dependencies to other ongoing tasks impacting SOC projectsAssist with reporting on and maintaining key measures of success for SOC Compliance efforts
Minimum Requirements:3+ years of experience focused on IT audit and/or compliance1+ years of experience with SOC 1 or 2 reporting1+ years of supervisory experience is a plus1+ SOC 1 or 2 report life-cycle experience, having both SOC 1 and 2 is a plusAdditional Knowledge & Skills:Advanced knowledge of SOC 1 and 2 report life-cycle activitiesKnowledge of all activities necessary for planning, preparing, and monitoring for continued compliance with SOC 1 and 2 audit requirementsKnowledge-level of financial, operational, and/or information technology, internal controls, identifying risks and related controlsUnderstands how to perform control tests to assess the design and operational effectiveness of SOC controlsUnderstands how to perform procedures to examine the effectiveness of IT and/or business process controlsAble to identify gaps in control design and control operative effectiveness of controls and assist management with related remediation measuresUnderstanding of process improvement and best practicesStrong interpersonal, communication, and presentation skills, including formal report writing experiencePerforms all job responsibilities with integrityEffective communications skills with personnel from any grade levelAdvanced understanding and application of the AICPA SOC standards (e.g., SOC 2 Trust Services Criteria) is a plusEducation:Undergraduate degree in business, accounting, IT, internal audit or related field with focus on information systems or equivalent work experience.Certifications/Licensure:CISA, CISSP, CPA, or CIA preferredPhysical Requirements:
General Office DemandsMust be authorized to work in the US. Sponsorship is not available for this position.Relocation is not budgeted for this role.We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.Our Base Pay Range for this position:
$111,200 - $185,300McKesson is an Equal Opportunity Employer.McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information.Join us at McKesson!
#J-18808-Ljbffr
Assist in managing McKesson's ongoing responsibilities associated with the issuance of SOC 1 and 2 reportsSupervise and mentor lesser experienced personnel, including temporary outside workersAssist with the onboarding, integration, and training of new team membersManage positive and collaborative relationship between corporate IT, business unit IT departments, Enterprise Financial Controls, and IT Compliance
Compliance Responsibilities
Obtain an in-depth knowledge of the McKesson systems and processes underlying technologies and controls within the assigned SOC 1 and 2 reportsLead SOC 1 and 2 audit related discussions independentlyRespond to or assist control owners in responding to audit related requests (e.g. audit evidence, follow-ups, etc)Drive the timely and complete response to audit related requestsServe as a liaison between the business units, corporate Information Technology (IT), business unit IT departments, and the external auditors in all aspects of their assigned SOC 1 and 2 reports to ensure timely completion of SOC audits and SOC report issuanceMaintain an understanding of AICPA SOC standards, and other relevant guidance issued regarding SOC 1 and SOC 2 and the impact to the SOC compliance environment
Remediation Responsibilities
Assist in the coordination of remediation activities to address deficienciesAssist in discussions with management in developing remediation plans to address deficienciesAssist with monitoring of implementation and completion of remediation efforts
Timely delivery of SOC reports
Assist with providing regular status updates on accomplishments, next steps, and awareness to governance and program teamsAssist with developing detailed plans, identifying SOC project risks and possible mitigationsAssist with identifying critical path and dependencies to other ongoing tasks impacting SOC projectsAssist with reporting on and maintaining key measures of success for SOC Compliance efforts
Minimum Requirements:3+ years of experience focused on IT audit and/or compliance1+ years of experience with SOC 1 or 2 reporting1+ years of supervisory experience is a plus1+ SOC 1 or 2 report life-cycle experience, having both SOC 1 and 2 is a plusAdditional Knowledge & Skills:Advanced knowledge of SOC 1 and 2 report life-cycle activitiesKnowledge of all activities necessary for planning, preparing, and monitoring for continued compliance with SOC 1 and 2 audit requirementsKnowledge-level of financial, operational, and/or information technology, internal controls, identifying risks and related controlsUnderstands how to perform control tests to assess the design and operational effectiveness of SOC controlsUnderstands how to perform procedures to examine the effectiveness of IT and/or business process controlsAble to identify gaps in control design and control operative effectiveness of controls and assist management with related remediation measuresUnderstanding of process improvement and best practicesStrong interpersonal, communication, and presentation skills, including formal report writing experiencePerforms all job responsibilities with integrityEffective communications skills with personnel from any grade levelAdvanced understanding and application of the AICPA SOC standards (e.g., SOC 2 Trust Services Criteria) is a plusEducation:Undergraduate degree in business, accounting, IT, internal audit or related field with focus on information systems or equivalent work experience.Certifications/Licensure:CISA, CISSP, CPA, or CIA preferredPhysical Requirements:
General Office DemandsMust be authorized to work in the US. Sponsorship is not available for this position.Relocation is not budgeted for this role.We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.Our Base Pay Range for this position:
$111,200 - $185,300McKesson is an Equal Opportunity Employer.McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information.Join us at McKesson!
#J-18808-Ljbffr