This job listing has expired and the position may no longer be open for hire.

Network Security Engineer at MCK McKesson Corporation in Alpharetta, Georgia

Posted in Information Technology 30+ days ago.

Type: Full-Time

Job Description:

Position Description

This position is part of McKesson’s Information Security and Risk Management (ISRM) Security Engineering team and is responsible for building and promoting information security solutions for the enterprise network and applications across McKesson Corporation.

As a McKesson Information Security Engineer, you will be a key member of our ISRM team Security Engineering team.  The candidate will have a deep background in keys aspect of security solutioning and design processes needed to enable and securely deliver cybersecurity services. S/he will work collaboratively with the ISRM Security Architecture and Global ISRM Service owners to ensure solutions and services are designed and adopted effectively by SOC and McKesson business units.  The position works closely with stakeholders in Infrastructure, Network Engineering, Operations, Applications, and Compliance management to ensure alignment to our Global service capabilities. Your initial primary focus area will be around Web Application Firewall engineering, with an expansion to other toolsets over time.

Security Engineer will be a self-starter responsible for leading efforts to modernize our network security stack and taking advantage of opportunities to build a true defense-in-depth architecture around cross-platform integration through the use of APIs.

Responsibilities will include:

  • Solid experience engineering solutions around Web Application Firewall technologies such as Imperva Incapsula, Imperva SecureSphere or similar

  • Understand, research, design and develop secure implementations of technology solutions, and oversee large rollouts of the same

  • End to end analysis, requirements development, design, and governance of the security processes and tools ecosystem within McKesson Technology infrastructure, partnering with IT and business colleagues as appropriate

  • Able to communicate processes’ and tool automation needs to Automation Team to drive infrastructure as a code mentality

  • Evaluate and POC next-generation network security solutions

  • Support business units with the deployment of various security tools

  • Support Security Architecture with the design and implementation of new network security solutions

  • Operationalize network security solutions to provide optimal value through repeatable metric reporting, standardizing maintenance and continually finding and closing security gaps

  • Train Operations teams to ensure a high-level understanding of network security solutions and how they relate to quantifiable risk

  • Participate in Scaled Agile planning and activities deploying enterprise program creating Global Network Security Services within McKesson, identify customer needs, converting those into functional requirements and creating program roadmap, driving objectives and managing program backlog

Minimum Requirements

4+ years experience in administering security controls in an organization

Critical Skills

  • 4+ years of experience engineering and administering web applications firewalls

  • 4+ years of experience engineering other network security solutions such as firewalls, IPS/IDS, proxies or similar

  • 3+ years of experience supporting a Security Operations Center

  • Experience in network security solutions design, documentation and best practices

  • Proven experience working in engineering capacity supporting few of other network security and capabilities such as Firewalls, Intrusion Detection and Prevention Systems, Proxies, DLP, Network Deception, micro-segmentation, Network Access Control (NAC), wired and wireless security, SIEM, Next Gen Breach Detection Systems, Cloud Access Security Brokers

  • Expert-level understanding of network protocols (TCP/UDP, IP, ARP, DNS, HTTP(S), etc)

  • Detailed understanding of attack vectors, current threats, and their remediation strategies

  • Detailed understanding of control frameworks and reference architectures such as NIST, CyberSecurity kill chain

  • Understanding of various compliance regulations/laws, and standards (e.g., PCI DSS, HIPAA).

  • Able to stay on top of latest cybersecurity developments and next gen platforms

Additional Knowledge & Skills:

  • Strong time management skills planning, organizing, and leading architecture development efforts

  • Strong interpersonal and communications skills to build/ maintain ongoing business relationships

  • Self-Starter that requires minimal supervision, multi-tasks effectively, and can provide oversight and coaching to others for any assigned projects or tasks.

  • Knowledge of industry specific, healthcare sector regulations appropriate for business unit supported (e.g. HIPAA) 

  • Data encryption standards as well as key management

  • Relational and Non-Relational Database administration as well as database languages such as SQL

  • Security certifications such as CISSP, CEH, CMA are preferred but not required

  • Familiarity with the security body of knowledge

  • Familiarity with the Safe/Agile methodology and framework

  • Education:
    4-year degree in computer science or related field or equivalent experience


  • Cyber Security and/or network related certifications (s) such as CISSP, ISSAP, GCED, CCNA Security, Firewall certifications or proven equal experience

McKesson is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to Resumes or CVs submitted to this email box will not be accepted.Current employees must apply through internal career site.Join us at McKesson!