Tomorrow’s health is… Tackling challenges no one else can.

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Network Security Engineer is responsible for the development and maintenance of resilient, sophisticated, modern, and secure network solutions that serve CoverMyMeds’ critical businesses and customers. The engineer will develop, build, and deploy network security technologies, capabilities, and roadmaps to drive improvements in defense-in-depth and zero-trust security posture. 

Responsibilities include:

• Design and implement network security solutions within the enterprise datacenters and cloud platforms
• Produce detailed designs and cost estimates for network security solutions, adhering to network architectural standards
• Engage in Business Unit projects to elicit network requirements, specifications, and project scope
• Implement network security to company policy
• Develop and document network operations and monitoring processes and procedures
• Research and test network management and monitoring products and tools to maintain currency and enhance functionality
• Provide Level 3 diagnosis and advanced troubleshooting when required, participates in on-call rotation
• Perform short-term and long-term network security capacity planning

Minimum Qualifications:

• 5+ years of experience working in complex IP network environments with heavy security focus. 
• Significant experience designing, implementing, and maintaining network firewalls (Palo Alto, Cisco Firepower and F5) 
• 3-5 years of experience designing, implementing, and maintaining intrusion detection/prevention systems (Palo Alto / Cisco Firepower/FMC)
• Experience with NGFW Palo Alto/Panorama technologies: Threat Prevention, URL Filtering, Wildfire, Global Protect, DNS security
• Experience designing, implementing, and maintaining VPN Solutions (Global Protect, and Cisco Meraki)  
• Experience designing, implementing, and maintaining Identity Access/Multi-factor solutions (Cisco ISE, Aruba Clearpass, Okta), Network forensics (Wireshark, SIEM, packet capture, TCP/SSL dumps)  
• 5-7 years' experience of TCP/IP networking knowledge including security, sub-netting, switching, routing, load-balancing, and troubleshooting techniques
• Familiarity with emerging network technologies: cloud adoption (cloud providers Azure or GCP), containerization (Kubernetes), automation and orchestration (Ansible, Python, Terraform)
• Working knowledge of load-balancers and ADCs such as F5 products (LTM, Big-IP DNS, ASM, APM, Big-IQ, etc), NGINX, and Citrix NetScaler appliances

Critical Skills:

• Self-driven and able to take ownership of strategic and internal infrastructure projects and tasks
• Effective communication skills: candidate in this role must be able to clearly and successfully communicate with management personnel, project managers, technical personnel, internal/external customers, and third parties
• Can work under limited supervision
• Strong analytical, design, engineering, planning and problem-solving skills

Preferred Skills:

• Experience with web application firewalls (F5 ASM, NetScaler WAF, Imperva)
• Aruba ClearPass Access Management system deployment and support a plus
• Wide-ranging knowledge of Network Management tools and utilities

Education:

• Bachelor’s degree or equivalent experience in a related discipline is required

Certifications:

• Palo Alto, Cisco, F5, or other advanced industry network, security, and/or cloud certifications not required but preferred.  (PCNSE, CCNP, CISSP, CISM, CCSP, CCSK)  

Must be authorized to work in the U.S, now or in the future, without support McKesson.

Relocation is NOT budgeted for this position.

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!