McKesson is in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payors, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting. We believe in the importance of strong, vital organizations because we know that patients can only be healthy when our system is healthy.
Every single McKesson employee contributes to our mission—by joining McKesson you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.
We understand the importance of a system that works together. Your expertise, drive and passion can help us improve everything we touch, from providers to payors to pharmacies. Join our team of leaders to begin a rewarding career.
Wherever you contribute here at McKesson, you will have the ability to make a real impact in the lives of others.
McKesson has embarked on an important mission to become a leader in cybersecurity for global healthcare. We are making significant investments to enhance our capabilities through talent development, resource levels, process maturity, and technology enablement.
As McKesson’s Sr. Director Software Assurance, you will be a key component of our team helping work across the enterprise to build and mature processes to strengthen our IT environments from an end to end perspective covering both systems development and systems operation. You will partner with the ISRM Enterprise Governance, Risk & Compliance team and the Enterprise Cybersecurity team and support the Business Information Security Officers and IT teams across the enterprise in maturing their programs.
This position can be based at our Alpharetta, GA or Scottsdale, AZ office.
Responsibilities will include:
Secure SDLC Program
Promote best practices in application development, leveraging industry recognized secure SDLC frameworks
Work with business units to promote a strong secure SDLC program for mobile / digital solutions in Healthcare and Pharmacy services (online, mobile, and legacy platforms)
Partner with the Cybersecurity & Threat Management team to deliver software assurance capabilities to the enterprise:
Static code and binary analysis
Dynamic application testing
Infrastructure vulnerability testing
Application-level Penetration Testing/Ethical Hacking
Threat Modeling & Red Team application security assessment
Manage the executive communications and reporting specific to the Software Assurance program and it initiatives, risks and threats for the McKesson enterprise
Keep abreast of application security trends and the emerging threat landscape related to the healthcare industry, McKesson businesses and corresponding applications
Subject Matter Expert in defining a software security training curriculum for McKesson, partnering with the GRC team for implementation/roll-out
Secure IT Operations Program
Promote best practices in building and maintaining security in the software and systems supporting our business applications. This includes helping the BUs build processes to build and configure systems securely, and then to maintain them:
Partner with the Cybersecurity & Threat Management team to deploy similar processes to monitor configuration management
Guide the BUs in the prioritization and execution of their remediation processes, and work to encourage streamlining/standardization of these processes
Provide regular metrics and reporting at the BU and Enterprise level
Asset Management Assurance
A foundational component of IT Risk Management and Cybersecurity is understanding and prioritizing the the assets we need to protect. In this role you will work with groups across the company that manage our IT assets to ensure there are appropriate governance processes in place. This includes partnering with the ETS Asset Management group, ISRM teams, and other ETS and BU functions.
8+ years software engineering experience including 7+ years managerial experience
Additional Knowledge & Skills
4-year degree in computer science or related field or equivalent experience
General Office Demands
Benefits & Company Statement
McKesson believes superior performance – individual and team – that helps us drive innovations and solutions to promote better health should be recognized and rewarded. We provide a competitive compensation program to attract, retain and motivate a high-performance workforce, and it’s flexible enough to meet the different needs of our diverse employee population.
We are in the business of better health and we touch the lives of patients in virtually every aspect of healthcare. We partner with payers, hospitals, physician offices, pharmacies, pharmaceutical companies and others across the spectrum of care to build healthier organizations that deliver better care to patients in every setting.
But we can’t do it without you. Every single McKesson employee contributes to our mission—whatever your title, whatever your role, you act as a catalyst in a chain of events that helps millions of people all over the globe. Talented, compassionate people are the future of our company—and of healthcare. At McKesson, you’ll collaborate on the products and solutions that help us carry out our mission to improve lives and advance healthcare. Working here is your opportunity to shape an industry that’s vital to us all.
McKesson is an equal opportunity and affirmative action employer – minorities/females/veterans/persons with disabilities.
Qualified applicants will not be disqualified from consideration for employment based upon criminal history.
No agencies please.