McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care. What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

Job title: Senior Manager, SOC Compliance

Work location: Irving, TX / Alpharetta, GA

Position Description: The SOC Compliance Senior Manager will support the SOC Compliance team in assist in managing activities and resources to support multiple SOC audits and issuance of SOC reports across the enterprise within a large and complex environment. This role will report to the Director of SOC Compliance with the timely delivery of SOC reports, manage activities with external and internal resources, manage and supervise the activities of lesser experienced staff to support SOC Compliance activities, and lead advisory discussions with internal stakeholders.

This position will require an individual that is highly collaborative and able to drive discussions with external resources (e.g., external auditors), MT delivery and solution teams, as well as other internal teams executing or supporting SOC controls.

SOC Compliance Senior Manager Responsibilities:

Managing and Leading Others

• Mentors and develops team members in developing in-depth knowledge of the McKesson systems and processes underlying technologies and controls within the assigned SOC 1 and 2 reports
• Assists with the recruitment, onboarding, integration, and training of new team members and temporary workers
• Manage and maintain a positive relationship between the business units, corporate Information Technology (IT), business unit IT departments, and the external auditors in all aspects of their assigned SOC 1 and 2 reports to ensure timely completion of SOC audits and SOC report issuance

Timely delivery of assigned SOC reports

• Complete and accurate status updates on accomplishments, next steps, and awareness to governance and program teams for assigned SOC 1 and 2 reports
• Complete and accurate updates to detailed plans, SOC project risks and mitigation plan
• Manage critical path and dependencies to other ongoing tasks impacting SOC projects
• Complete and accurate reporting on and maintaining key measures of success for SOC Compliance efforts

Compliance Responsibilities

• Manage McKesson's ongoing responsibilities associated with the issuance of multiple annual SOC 1 and 2 reports, including leading teams and driving discussions as necessary
• Maintain subject knowledge expertise of AICPA SOC standards, and other relevant guidance issued regarding SOC 1 and SOC 2 and the impact to the SOC compliance environment
• Serves as the primary contact for the assigned business unit SOC 1 or 2 report
• Partners with and aligns management in regard to the ownership of the IT process and key SOC controls
• Communicates with leadership, technical and non-technical audiences on SOC 1 and 2 activities

Remediation Responsibilities

• Manages and oversees discussions with management in developing remediation plans to address deficiencies
• Manages and oversees remediation activities and timelines to address deficiencies impacting SOC 1 or 2 reports
• Communicates and coordinates with leadership to ensure timely completion of remediation activities

Minimum Requirements

• 7 years of experience focused on IT audit and/or compliance
• 4 years of experience with planning, executing, and issuance of SOC 1 or 2 reports
• 2 years of supervisory experience
• 1 years of managerial experience is a plus
• 2 years of full SOC 1 or 2 report life-cycle experience, having both SOC 1 and 2 is a plus
• Experience with auditing IT and/or business process controls is a plus
• Experience in a "service auditor" role at a public accounting firm issuing SOC examination reports is a plus

Additional Knowledge & Skills

• Thorough knowledge of all activities necessary for planning, preparing, issuance of reports, and monitoring for continued compliance with SOC 1 and 2 audit requirements
• Strong knowledge-level of financial, operational, and/or information technology, internal controls, identifying risks and related controls
• Highly analytical and have a strong understanding of SOC reporting and industry standards
• Excellent problem-solving skills and the ability to think critically
• Ability to effectively communicate at multiple levels of management
• Strong understanding how to perform procedures to examine the design and operational effectiveness of IT and/or business process controls
• Able to identify gaps in control design and control operative effectiveness of controls and assist management with related remediation measures
• Strong understanding of process improvement and best practices
• Excellent interpersonal, communication, and presentation skills, including formal report writing experience
• Performs all job responsibilities with integrity
• Effective communications skills with personnel from any grade level
• Thorough understanding and application of the AICPA SOC standards (e.g., SOC 2 Trust Services Criteria) is a plus

Education

• Undergraduate degree in business, accounting, IT, internal audit or related field with focus on information systems or equivalent work experience.

Certifications/Licensure

• CISA, CISSP, CPA, or CIA preferred

Physical Requirements: General Office Demands

Candidate must be authorized to work in the U.S, now or in the future, without support from McKesson.

Relocation is NOT budgeted for this position.

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That's why we have a Total Rewards package that includes comprehensive benefits to supportphysical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves. For more information regarding benefits at McKesson, please

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.

McKesson is an Equal Opportunity/Affirmative Action employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to . Resumes or CVs submitted to this email box will not be accepted.

Current employees must apply through the internal career site.

Join us at McKesson!