MTAP - Lead Cloud Security Architect

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Job Title : MTAP - Lead Cloud Security Architect

Position Overview

The Lead Cloud Security Architect at the P5 level is a senior role dedicated to designing, implementing, and managing robust cloud security solutions across multi-cloud environments, including AWS, Azure, and GCP. This role focuses on safeguarding cloud infrastructures, applications, and data while ensuring alignment with industry best practices and compliance requirements. As a strategic and technical leader, the Cloud Security Architect collaborates with cross-functional teams to integrate secure cloud solutions into the organization's operational framework, addressing complex security challenges in dynamic cloud ecosystems.

Key Responsibilities

Cloud Security Architecture Design

• Develop and maintain comprehensive security architectures for AWS, Azure, and GCP environments, ensuring scalability, resilience, and alignment with organizational objectives.
• Create detailed security design specifications, diagrams, and guidelines for cloud-native services.
• Continuously evaluate cloud infrastructures to identify vulnerabilities and recommend mitigation strategies.

Implementation and Integration

• Oversee the deployment and integration of security tools and services in cloud environments, including identity and access management, encryption, and monitoring solutions.
• Collaborate with DevOps and engineering teams to implement secure CI/CD pipelines and cloud-native application frameworks.
• Ensure optimal configuration of security controls for cloud-based resources, including virtual networks, storage, and compute instances.

Multi-Cloud Security Expertise

• Leverage expertise in AWS, Azure, and GCP to design consistent security strategies across multi-cloud environments.
• Implement cross-cloud security solutions for identity federation, logging, and unified threat detection.
• Optimize security for hybrid cloud models, ensuring seamless integration with on-premises systems.

Cloud Threat Detection and Response

• Act as a subject-matter expert for cloud-specific security incidents, providing leadership in detection, analysis, and remediation.
• Design and implement automated threat detection and response mechanisms using cloud-native tools such as AWS GuardDuty, Azure Sentinel, and GCP Security Command Center.
• Develop playbooks and response strategies for cloud-focused incidents, such as misconfigurations, unauthorized access, or API abuse.

Compliance and Governance

• Ensure cloud architectures meet compliance standards such as ISO 27001, SOC 2, GDPR, HIPAA, and other relevant frameworks.
• Establish governance policies for cloud environments, including configuration baselines, auditing, and logging requirements.
• Participate in cloud security assessments, audits, and remediation planning.

Collaboration and Communication

• Serve as a cloud security liaison between technical teams, leadership, and external stakeholders to align on goals and deliverables.
• Present complex cloud security strategies and findings to both technical and non-technical audiences.
• Drive initiatives to embed cloud security best practices into organizational processes.

Innovation and Continuous Improvement

• Anticipate emerging cloud security threats and proactively develop innovative protection strategies.
• Stay updated on advancements in cloud-native services, security tools, and cloud compliance requirements.
• Lead strategic projects that enhance the organization’s cloud security posture, such as implementing Zero Trust or Secure Access Service Edge (SASE) frameworks.

Required Qualifications

Education

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

Experience Required:

• 8–10 years of professional experience in cybersecurity, with significant focus on cloud security architecture.
• Proven track record of designing and implementing security solutions in multi-cloud environments, including AWS, Azure, and GCP.
• Experience with cloud-native security services such as AWS Security Hub, Azure Security Center, and GCP Identity-Aware Proxy.

Technical Skills

• Deep understanding of cloud security frameworks and best practices, including NIST CSF and CSA CCM.
• Proficiency in cloud infrastructure-as-code tools like Terraform or CloudFormation.
• Expertise in technologies such as IAM, key management, container security, and workload protection.
• Strong knowledge of network security in cloud environments, including VPCs, NSGs, firewalls, and VPNs.

Certifications

• Relevant certifications such as AWS Certified Security – Specialty, Microsoft Certified: Azure Security Engineer, Google Professional Cloud Security Engineer, CISSP, or CISM.

Soft Skills

• Strong problem-solving abilities and a proactive approach to cloud security challenges.
• Ability to influence and collaborate with diverse technical and non-technical teams.
• Excellent verbal and written communication skills, with the ability to present complex cloud security concepts effectively.

Physical Requirements: General Office Demands

Candidate must be authorized to work in the U.S, now or in the future, without the support from McKesson.

Relocation is NOT budgeted for this position.

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!