McKesson

Lead Cyber Security Architect

McKesson, $143K - $238K *
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • 10+ years in cybersecurity with a minimum of 5 years in security architecture.
  • Hands-on experience designing security guardrails and driving team adoption.
  • Expert in securing sensitive data and supporting compliance audits with documentation.
  • Proven leadership skills to guide complex initiatives and coach team members.
  • Strong understanding of Zero Trust and IAM/PAM architecture at scale.

Responsibilities

  • Own and evolve the MMS security architecture patterns and guardrails.
  • Lead architecture reviews for new platforms and major applications.
  • Translate security policies and regulations into practical engineering requirements.
  • Define and implement target-state security architecture and roadmaps.
  • Integrate security practices within DevSecOps to enhance automation and reduce friction.
  • Establish measurable outcomes and use metrics for continual improvement in security architecture.
  • Mentor architects and engineers to enhance deliverables' quality.

Benefits

  • Comprehensive health and wellness programs.
  • Retirement savings plans with company match.
  • Professional development and continuing education opportunities.
  • Flexible work arrangements and schedules.
  • Access to employee discounts and wellness incentives.

Full Job Description

Lead Cyber Security Architect

Location: Richmond, VA, USA - 9954 Mayland Drive (on-site)

The Opportunity

The Lead Cyber Security Architect is a senior, advanced-skill role responsible for establishing and evolving MMS security architecture, patterns, and guardrails that protect the business while enabling speed and innovation. This role partners with the Chief Information Security Officer (CISO), Technology Senior Leadership, audit/compliance, product and application owners, infrastructure, and security engineering/operations teams to drive consistent security outcomes across the enterprise.

This role provides expert guidance on current security issues while anticipating where threats and technology are heading to proactively shape MMS security strategy. The Lead Cyber Security Architect is expected to think like an adversary, translate business objectives into security architecture decisions, and define target-state architectures and roadmaps. As a Lead (P5), this role sets standards and raises the bar through mentoring and coaching, critical review of deliverables, and driving measurable improvements in risk reduction and control effectiveness. The architect leads through influence (often without direct people-management authority) and ensures security architecture decisions are documented, communicated, and adopted across delivery teams.

Key Responsibilities

  • Own and evolve MMS security architecture reference patterns and guardrails across cloud, network, identity, endpoint, application, and data protection; ensure designs are secure-by-design and compliant-by-design.
  • Lead architecture reviews for key initiatives (new platforms, major applications, third-party integrations, and B2B/B2C capabilities); document decisions, risks, exceptions, and required compensating controls.
  • Translate security policy, risk, and regulatory obligations into practical engineering requirements, reusable design standards, and implementation guidance (e.g., templates, runbooks, and secure reference implementations).
  • Define target-state security architecture and roadmaps; drive organizational alignment and prioritization with security, technology, and business stakeholders.
  • Embed security in delivery through DevSecOps: advise on CI/CD controls, infrastructure-as-code, policy-as-code, secrets management, and secure SDLC practices; partner with engineering teams to increase automation and reduce friction.
  • Establish measurable security architecture outcomes (e.g., coverage of guardrails, reduction in high-risk exceptions, control adoption, improved detection/response maturity) and use metrics to guide continuous improvement.
  • Mentor and coach architects and engineers; perform critical self-review and peer review of deliverables to ensure high quality, accuracy, and alignment to enterprise security standards.
  • Design and maintain cloud security architecture patterns and guardrails (e.g., IAM and privileged access, organization policies, network segmentation, encryption and key management, logging/monitoring, vulnerability management, and posture management) with clear implementation guidance for delivery teams.
  • Perform other duties as assigned.


Minimum Requirements

  • Degree or equivalent; typically requires 10+ years of relevant experience. Fewer years are required if the candidate has a relevant Master's or Doctorate qualification.


Skills and Qualifications

  • 10+ years in cybersecurity with 5+ years in security architecture, including risk management and compliance.
  • Demonstrated ability to lead complex initiatives, drive alignment, and coach others while delivering measurable security outcomes.
  • Hands-on security architecture experience, including designing guardrails/reference architectures and driving adoption across multiple teams.
  • Demonstrated experience designing security controls for sensitive data (PII/PHI) and supporting audits and compliance efforts through strong documentation and evidence-based controls.
  • Zero Trust and IAM/PAM (workforce and customer identity) design at scale; demonstrated ability to define and implement enterprise guardrails, including policy-as-code and standardized identity/network patterns.
  • Proven stakeholder leadership able to lead planning and architecture discussions, incorporate reviewer feedback, and obtain alignment and approvals for secure solutions.
  • Experience with modern security platforms and automation (e.g., SIEM, EDR/XDR, SOAR, secrets management, and data protection) plus scripting/automation to scale controls.
  • Strong background in technology design, implementation, and delivery (cloud, networking, identity, endpoint, and application platforms), with the ability to translate business requirements into secure reference architectures and pragmatic implementation plans.
  • Deep expertise in security controls and architecture domains: IAM (including privileged access), network security, encryption/key management, secrets management, application security, vulnerability management, logging/monitoring, and security posture management across public cloud and hybrid environments.
  • Ability to communicate technical risk and tradeoffs in business terms, influence decisions at multiple levels, and facilitate productive outcomes across security, engineering, and business stakeholders.
  • Experience improving detection and response capabilities at scale (SIEM, EDR/XDR, SOAR, threat intelligence), including driving architectural remediation and hardening based on incidents and post-incident reviews.
  • Proven ability to define and operationalize security standards, patterns, and guardrails (including exception processes), and to ensure adoption through reviews, coaching, documentation, and automation.
  • Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and holding a high bar for quality through critical self-review and thoughtful peer review.
  • Hands-on ability to automate and enable teams through scripting and infrastructure-as-code (e.g., Bash, Python, PowerShell) and policy-as-code approaches.
  • Experience designing for cyber resilience (disaster recovery, business continuity, backup/restore security, and ransomware recovery considerations).
  • Working knowledge of common security and risk frameworks and regulations relevant to healthcare and enterprise environments (e.g., NIST, ISO 27001, HITRUST, HIPAA/HITECH, PCI DSS, SOX, GDPR, SOC 2).
  • Working knowledge of Windows, Linux, and container platforms (e.g., Kubernetes) and modern application patterns (API-based integrations, microservices, and serverless) sufficient to guide secure designs.
  • Strong strategic and tactical decision-making, including the ability to assess tradeoffs, define compensating controls, and drive decisions to closure.
  • Experience collaborating with offensive/defensive security teams (e.g., purple teaming) to validate controls and translate findings into architectural improvements.
  • Highly trustworthy; leads by example and builds credibility through consistent follow-through and high-quality deliverables.


Education Requirements

  • Bachelor's degree in computer science, information security/assurance, MIS, engineering, or related field; or equivalent practical experience.


Certification Requirements

  • CISSP (required). Preferred: CISM, GIAC/SANS certifications, and/or relevant cloud security certifications. TDR/SecOps certifications (a plus): Google Cloud Professional Cloud Security Engineer and/or Associate Cloud Engineer, Google Professional Cloud DevOps Engineer, and/or GIAC certifications (e.g., GSEC, GCIH) depending on role focus, and/or cloud/security engineering certifications aligned to the team's platforms.


About Medical-Surgical

McKesson Medical-Surgical (MMS) is a subsidiary and publicly reported segment of the McKesson Corporation. MMS distributes medical-surgical supplies, pharmaceuticals, diagnostic equipment and supplies, along with other solutions and services to virtually every type of healthcare setting and provider outside of the traditional hospital. These markets - often referred to as Alternate Care or Non-Acute Care - include physician offices, surgery centers, long-term care providers, laboratories, home health and hospice agencies, health systems, government facilities and online marketplaces and retailers.

Alternate Care markets are growing rapidly and MMS is proud to be a leader in this space. With a team of approximately 8,000 employees, a network of 15 distribution centers and approximately 900 delivery vehicles, we partner with more than 2,200 leading manufacturers and serve over 200,000 customer accounts across the U.S. Our catalog includes more than 280,000 SKUs of branded and private-label medical-surgical products - from bandages to specialty pharmaceuticals and COVID-19 tests.

Looking Ahead: A New Chapter for MMS

McKesson has announced its intent to separate MMS into an independent company - an exciting evolution that builds on MMS's strong foundation and proven leadership in the Alternate Care space. As a standalone company, MMS would be positioned to unlock new opportunities to innovate, grow and lead with even greater agility and focus. We will also continue to be one of the largest medical-surgical distributors in the U.S., with over $11B in annual sales. This separation would accelerate our mission and empower us to shape a future defined by customer-centricity, bold thinking and operational excellence. For job seekers, it's a unique moment to join a team that's already making a meaningful impact and leading the way in shaping the future of healthcare delivery in Alternate Care settings - with even greater opportunity ahead as we prepare to become an independent company.

Career Level - P5

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities, may be offered.

Our Base Pay Range for this position

$143,000 - $238,400

McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson's (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:

McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.

McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.

McKesson job postings are posted on our career site: careers.mckesson.com.

About McKesson

McKesson Corporation provides medicines, pharmaceutical supplies, information and care management products and services across the healthcare industry. The Company operates in two segments. The McKesson Distribution Solutions segment delivers ethical drugs, medical-surgical supplies and equipment and health and beauty care products throughout North America. This segment also provides specialty pharmaceutical solutions for biotech and pharmaceutical manufacturers, sells financial, operational and clinical solutions for pharmacies (retail, hospital, long-term care) and provides consulting, outsourcing and other services. The McKesson Technology Solutions segment delivers enterprise-wide clinical, patient care, financial, supply chain, strategic management and software solutions. In July 2011, the Company acquired Portico Systems from Safeguard Scientifics, Inc. On March 25, 2012, it acquired the independent banner and franchise businesses of Katz Group Canada Inc. McKesson Distribution Solutions delivers pharmaceuticals to retail pharmacies and institutional providers like hospitals and health systems. They operate pharmaceutical distribution centers across the country, serving customers in all 50 states. They also deliver a comprehensive offering of health care products, technology, equipment and related services to the alternate site market, including physician offices, surgery centers, long-term care facilities and home care businesses across the country. McKesson is currently the largest pharmaceutical distributor in North America. McKesson also operates McKesson Canada and has an equity holding in Nadro, a leading distributor in Mexico.

McKesson Careers

Join McKesson, a leading global healthcare company, and be part of a team that is redefining the future of healthcare. With a variety of job opportunities available, McKesson is the perfect place to advance your career, whether you're a seasoned professional or just starting out.

Work You’ll Do

At McKesson, we are committed to improving care in every setting—one product, one partner, one patient at a time. We’re seeking talented professionals to join our team and contribute to a culture of innovation, diversity, and leadership. Our employees are driven by a deep sense of purpose and a desire for continuous growth and improvement.

Empower Your Future in Healthcare

With positions ranging from internships to leadership roles, McKesson offers unparalleled employment opportunities to develop your skills and advance your career. Our commitment to diversity training ensures that all team members have the opportunity to thrive. Join a team where your skills will be honed, your professional growth will be supported, and where you can genuinely see the difference you make in the lives of patients around the world.

Innovative Work Environment

McKesson is at the forefront of healthcare innovation. Our team is constantly exploring new ways to improve patient outcomes and streamline care processes. This commitment to innovation is what sets us apart and what makes McKesson an exciting place to work.

Career Development and Benefits

McKesson believes in nurturing the potential of its employees through robust career development programs and comprehensive benefits designed to support your life and well-being. From leadership training to health and wellness benefits, we ensure our team members are equipped to meet their professional and personal goals.

Explore Job Opportunities

Whether you’re looking for an internship to kickstart your career, or a senior position to utilize your extensive experience, McKesson offers a range of opportunities. Explore our open positions and find where you can make a difference at McKesson.

Stay Connected

Join Our Team

Search for open positions that match your skills and interests. We are looking for passionate, curious, and solution-driven team players who are ready to take the next step in their careers.

Keep Up to Date

Stay ahead with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the people who work here.

Networking and Professional Growth

At McKesson, networking and professional growth are part of our everyday environment. We encourage our employees to connect, share, and learn from each other to foster personal and professional development.

Job Alert Emails

Personalize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences.

Discover the exciting and rewarding career opportunities that await you at McKesson. Join McKesson today and be part of a team that is dedicated to shaping the future of healthcare.

Learn more about McKesson
Size: 58,000 employees
Market Cap: $53.7 billion
Industry
Net Income: -$4.1 billion
Founded: 1833
5 Year Trend: +5.9%
Revenue: $237.6 billion
NASDAQ
