Tomorrow’s health is… Tackling challenges no one else can.

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Job Summary:

We are seeking a highly skilled Application Security Architect - MuleSoft to join our organization. In this role, you will be responsible for safeguarding our organization’s APIs and applications by identifying, analyzing, and mitigating security vulnerabilities. Your expertise in Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), and vulnerability management will play a critical role in ensuring the security and resilience of our digital assets.

Key Responsibilities:

• Architecture/Design: Work closely work with the Business & other application teams in designing secure, robust and scalable integration solutions to meet those need using MuleSoft Integration Suite.
• Application/API Security Assessment: Conduct thorough security assessments of Applications/APIs to identify vulnerabilities, weaknesses, and potential threats.
• Static Application Security Testing (SAST): Utilize SAST tools to perform code reviews and identify security issues in the source code during development.
• Dynamic Application Security Testing (DAST): Conduct DAST scans to assess the security of running applications, APIs, and services in real-world scenarios.
• Vulnerability Identification: Continuously monitor and identify security vulnerabilities, including OWASP Top Ten and other emerging threats.
• Vulnerability Management: Develop and manage a vulnerability management program, including tracking, prioritizing, and reporting vulnerabilities to stakeholders.
• Development: Build the Mulesoft integration code for easy maintainability, supportability and for operational effectiveness.
• Collaboration: Work closely with development teams to provide guidance on addressing security issues, offering remediation advice, and tracking vulnerability resolution progress.
• Security Best Practices: Promote and enforce secure coding practices and ensure that security is integrated into the software development lifecycle (SDLC).
• Threat Intelligence: Stay informed about the latest security threats, vulnerabilities, and industry best practices to proactively enhance security measures.
• Reporting and Documentation: Create detailed reports on security assessments, vulnerabilities, and mitigation efforts for management and stakeholders.

Qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• Proven experience in API and application security, including SAST and DAST.
• Familiarity with industry standards and frameworks such as OWASP, NIST, and ISO 27001.
• Strong knowledge of programming languages, web application architecture, and API security best practices.
• Experience with security assessment tools and vulnerability scanning tools.
• Excellent communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams.
• Experience with MUnit, build and deployment (CI/CD) process around MuleSoft is a plus.
• Experience on integrating Mulesoft with CRM, ERP, Applications via various connectors.
• Certified in MuleSoft is a plus.
• Knowledge of Cloud Services on Azure, GCP or AWS

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!