Position Summary The Senior Director of Audit, Compliance & Automation (M5) is a senior enterprise leader responsible for driving end-to-end audit readiness, compliance execution, and large-scale automation of control processes across infrastructure platforms and services.
This role provides strategic direction, governance, and operational leadership to ensure regulatory adherence, audit excellence, and continuous control optimization. It integrates
audit, GRC frameworks, and automation engineering to transform compliance from a reactive process into a proactive, scalable, and technology-enabled capability.
Operating at the intersection of
compliance, infrastructure operations, and automation, the role partners with executive leadership, audit committees, and platform teams to ensure enterprise-wide control effectiveness, risk transparency, and measurable improvements in audit outcomes.
Key Responsibilities 1. Enterprise Audit & Compliance Leadership - Lead enterprise-wide audit readiness strategy across data center, infrastructure, and platform environments.
- Own relationship with internal audit, external auditors, and regulatory bodies.
- Oversee audit lifecycle (planning, walkthroughs, evidence collection, remediation tracking).
- Ensure consistent execution of control frameworks (e.g., SOX ITGC, security, operational controls).
- Drive closure of audit findings, ensuring sustainable remediation and root-cause elimination.
2. Automation of Controls & Audit Processes - Define and execute a strategy to automate audit evidence collection, control monitoring, and certification workflows.
- Partner with engineering and platform teams to embed automated controls into infrastructure systems.
- Lead adoption of tools (e.g., ServiceNow GRC, workflow platforms) to digitize compliance processes.
- Drive continuous control monitoring (CCM) and real-time risk visibility.
- Eliminate manual audit processes through intelligent automation and integration.
3. Governance, Risk & Controls Strategy - Design and implement enterprise GRC frameworks integrated with infrastructure transformation initiatives (DDC exit, cloud migration, colo consolidation).
- Establish standardized control libraries, policies, and governance models across platforms.
- Lead risk identification, assessment, and mitigation strategies for infrastructure services.
- Provide executive dashboards and reporting on compliance posture, risk exposure, and audit health.
4. Operational Integration with Infrastructure Teams - Embed compliance and audit requirements into run and build operating models.
- Ensure controls are integrated into day-2 operations, provisioning workflows, and platform engineering standards.
- Partner with infrastructure leaders to align audit compliance with transformation initiatives (cloud, EUC, data center exits).
- Drive accountability for control ownership across engineering and operations teams.
5. Executive Advisory & Stakeholder Engagement - Serve as a trusted advisor to EITP Infrastructure VP and senior leadership on audit risk, compliance posture, and regulatory exposure.
- Prepare executive briefings for audit committees and SteerCos.
- Represent Infrastructure in enterprise compliance and audit forums.
- Translate audit and control requirements into business-aligned strategies.
6. Organizational Leadership & Talent Development :
- Build a high-performing organization blending audit expertise, compliance professionals, and automation engineers.
- Develop talent pipelines and succession plans for critical governance and automation roles.
- Foster a culture of accountability, transparency, and continuous improvement.
Minimum Requirements:- Degree or equivalent experience. Typically requires 13+ years of professional experience and 6+ years of diversified leadership, planning, communication, organization, and people motivation skills (or equivalent experience).
Critical Skills:
- 8+ years of experience in audit, compliance, risk management, or infrastructure governance.
- 8+ years of leadership experience managing enterprise-scale teams and programs.
- Proven experience leading large-scale audit programs (SOX, ITGC, regulatory audits).
- Experience driving automation in compliance or operational processes.
- Background in enterprise infrastructure, cloud, or data center environments strongly preferred.
Technical & Functional Expertise:- IT General Controls (ITGC) / SOX compliance
- Audit lifecycle, walkthroughs, evidence management
- Risk management frameworks and control design
- ServiceNow GRC or similar platforms
- Workflow automation and reporting tools
- Infrastructure environments (compute, network, storage, DC operations)
- Strong understanding of integrating compliance into engineering and operational processes
Leadership Competencies:- Strategic thinking and enterprise influence
- Executive communication and stakeholder management
- Ability to drive transformation across siloed teams
- Strong governance and decision-making discipline
- Data-driven mindset with focus on measurable outcomes
We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.
Our Base Pay Range for this position$151,200 - $201,600
McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson's (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:
McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.
McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.
McKesson job postings are posted on our career site: careers.mckesson.com.