McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care. What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

About Us:

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care. What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

Position Summary:

We are looking for a seasoned Cloud Security/DevSecOps Architect with a strong emphasis on security architecture. The ideal candidate will be responsible for designing and implementing security solutions and practices within our DevOps processes. This role requires a deep understanding of DevOps principles, cloud environments, and a passion for ensuring the security of our applications and infrastructure.

Key Responsibilities:

- Security Architecture: Collaborate with cross-functional teams to define and implement security architecture for applications, systems, and cloud environments.

- DevSecOps Integration: Drive the integration of security practices into the DevOps pipeline, ensuring security is embedded from development through deployment.

- Risk Assessment: Conduct risk assessments and vulnerability assessments, identifying and prioritizing security risks, and recommending appropriate mitigations.

- Security Tools: Evaluate, select, and implement security tools and technologies to enhance security posture, including automated testing, scanning, and monitoring tools.

- Compliance: Ensure compliance with industry standards and regulations, such as GDPR, HIPAA, or PCI DSS, and maintain documentation of security controls.

- Incident Response: Develop and maintain an incident response plan and lead incident response efforts when security incidents occur.

- Security Awareness: Promote a culture of security awareness within the organization through training, documentation, and knowledge sharing.

- Secure Coding Practices: Collaborate with development teams to promote secure coding practices, conduct code reviews, and assist in identifying and remediating security vulnerabilities.

- Continuous Improvement: Continuously monitor the security landscape, keeping up-to-date with emerging threats and best practices, and adapting security measures accordingly.

Qualifications:

- Bachelor's degree in Computer Science, Information Security, related field (Master's preferred), or equivalent work experience.

- Proven experience as a DevSecOps Architect or a similar role with a strong security emphasis.

- In-depth knowledge of DevOps practices, CI/CD pipelines, and automation tools.

- Proficiency in cloud computing platforms (e.g., AWS, Azure, GCP).

- Strong understanding of security frameworks, standards, and regulations.

- Hands-on experience with security tools such as vulnerability scanners, IDS/IPS, SIEM, etc.

- Excellent problem-solving skills and ability to communicate complex security concepts to technical and non-technical stakeholders.

- Relevant security certifications (e.g., CISSP, CISM, Certified DevSecOps Engineer) are a plus.

Benefits:

- Competitive salary and performance-based bonuses.

- Comprehensive health, dental, and vision benefits.

- 401(k) retirement plan with company matching.

- Flexible work hours and remote work options.

- Professional development opportunities.

- A collaborative and innovative work environment.

If you are passionate about security architecture, DevOps practices, and want to play a critical role in safeguarding our organization's digital assets, we encourage you to apply. Join us in shaping a secure and resilient future for McKesson Corporation.

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That's why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves. For more information regarding benefits at McKesson, please click here.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.

Our Base Pay Range for this position

McKesson is an Equal Opportunity/Affirmative Action employer.

All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.

McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to [email protected]. Resumes or CVs submitted to this email box will not be accepted.

Current employees must apply through the internal career site.

Join us at McKesson!