MTA – Vulnerability Management Engineer

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Current Need:

We are seeking a driven and technically skilled Vulnerability Management Engineer to support and enhance our enterprise vulnerability management infrastructure. This role will be focused on deploying, maintaining, and automating vulnerability management tools and processes. The ideal candidate should possess solid scripting abilities, familiarity with automation concepts, foundational system administration skills, and experience or strong interest in cybersecurity best practices related to vulnerability management.

Responsibilities:

• Enhance operational efficiency and accuracy through effective scripting and automation of vulnerability management processes.
• Maintain highly available and reliable vulnerability management infrastructure, minimizing false positives and scanning disruptions.
• Deliver clear, actionable vulnerability data to stakeholders, improving organizational security posture.
• Foster cross-departmental collaboration and trust through transparent, professional communication.
• Contribute significantly to the continuous improvement of vulnerability management processes and workflows through innovative automation solutions.

Key Results:

• Enhance operational efficiency and accuracy through effective scripting and automation of vulnerability management processes.
• Maintain highly available and reliable vulnerability management infrastructure, minimizing false positives and scanning disruptions.
• Deliver clear, actionable vulnerability data to stakeholders, improving organizational security posture.
• Foster cross-departmental collaboration and trust through transparent, professional communication.
• Contribute significantly to the continuous improvement of vulnerability management processes and workflows through innovative automation solutions.

Required / Basic Qualifications:

• 5 - 7+ years industry experience
• 2 - 4+ years of experience in system administration, scripting/automation, cybersecurity, or vulnerability management.
• Hands-on experience with vulnerability scanning tools (e.g., Tenable, Qualys, Rapid7).
• Strong proficiency in scripting and automation tools (e.g., Python, PowerShell, Bash).
• Basic to intermediate knowledge of Linux and Windows administration.
• Familiarity with asset management tools, CMDB integrations, and security orchestration platforms.
• Basic understanding of CVSS & EPSS scoring and patch management processes.

Preferred Qualifications:

• Bachelor’s degree in Information Security, Computer Science, Engineering, or a related technical field; or equivalent practical experience.
• Excellent communication, technical writing, and interpersonal skills.
• Relevant entry-level certifications such as Security+, GSEC, or similar are preferred but not required.

Core Competencies:

• Professionalism: Maintains a high standard of conduct, integrity, and responsibility in all aspects of work.
• Professional Empathy: Understands and respects the roles and pressures of peers across departments while driving shared security goals.
• Transparency: Communicates clearly, shares context openly, and ensures accurate and timely information flows to stakeholders.
• Ownership Mindset: Demonstrates initiative and accountability in managing tasks, resolving issues, and delivering on commitments.

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.  In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. 

Our Base Pay Range for this position