Skip to main content
Back to jobs

Sr. Director, Cyber Engineering

External
McKesson logoMckesson · VA, Richmond
Full-timeHybridToday
Cloud SecurityComplianceDevSecOpsDocumentationEncryptionIAM
Cover LetterConnect

Prepare for this interview

Elite

AI-generated questions, company research, and talking points tailored to this role


About the role

The Sr. Director of Cybersecurity Engineering is responsible for leading teams that engineer, implement, and continuously improve enterprise security controls and platforms across identity, endpoint, network, cloud, application, and data environments. This leader partners with the CISO organization, Technology Leadership, risk/compliance, and business stakeholders to prioritize investments, establish standards and guardrails, and ensure measurable improvements in control effectiveness, security resilience, and operational efficiency. This role requires strong technical depth in security engineering and the leadership maturity to operate at the executive level. The Director establishes cybersecurity engineering strategy, multi-year roadmaps, and success metrics; governs an operating rhythm for delivery and reliability; and ensures outcomes are achieved across multiple teams (often through influence).

Responsibilities

  • Define and own the cybersecurity engineering strategy and operating model (platform engineering, control implementation, automation, reliability) aligned to business risk, technology priorities, and security architecture.
  • Establish and report executive-level metrics and scorecards (e.g., control adoption, coverage, reliability, vulnerability and misconfiguration reduction, policy compliance, engineering throughput, automation impact) and drive continuous improvement based on outcomes.
  • Own the security engineering platform portfolio: select, integrate, and manage lifecycle for security tooling and services (e.g., IAM/PAM, PKI, EDR, CSPM, vulnerability management, secrets management, WAF, DLP, SIEM/SOAR integrations) with clear service models and reliability targets.
  • Partner with architecture, engineering, and product teams to embed security into delivery (DevSecOps): define engineering standards, reusable patterns, and automated guardrails; enable teams with reference implementations and self-service capabilities.
  • Lead engineering execution for prioritized risk-reduction initiatives: hardening, segmentation, encryption, identity modernization, secure configuration baselines, vulnerability remediation automation, and resilience improvements across hybrid and cloud environments.
  • Establish governance for engineering delivery: intake and prioritization, roadmaps, architecture/engineering reviews, change management, and exception processes; ensure solutions are compliant-by-design and supported with appropriate documentation and evidence.
  • Build and lead high-performing cybersecurity engineering teams through hiring, coaching, performance management, and career development; establish standards for engineering quality, critical review, and operational discipline.
  • Manage cross-functional stakeholder relationships (Technology leaders, risk/compliance, audit, legal/privacy, and vendors) and translate technical risk and engineering tradeoffs into business impact and investment decisions.
  • Ensure security engineering services are reliable and operationally mature: define SLAs/SLOs, partner with SOC/CSIRT during incidents for engineering response and hardening, and drive post-incident corrective actions into durable platform improvements.
  • Minimum Requirements
  • Degree or equivalent experience. Typically requires 15+ years of professional experience and 10+ years of diversified leadership, planning, communication, organization, and people motivation skills or equivalent experience).

Requirements

  • 15+ years of progressive cybersecurity/technology experience with demonstrated depth in building and operating security controls and platforms.
  • 10+ years leading engineering teams and/or enterprise programs, including setting strategy, defining metrics, managing budgets/vendors, and driving execution across multiple stakeholders.
  • Hands-on and leadership experience engineering security capabilities such as IAM/PAM, network security controls, endpoint security, vulnerability management, encryption/key management, secrets management, and cloud security controls.
  • Proven ability to deliver engineering outcomes at scale building standardized services, defining SLAs/SLOs, automating controls, and driving adoption across diverse technology stacks.
  • Executive-ready communication

Benefits

Health insurance

Additional Information

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care. What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you. Sr. Director, Cybersecurity Engineering Location -Richmond, VA, USA - 9954 Mayland Drive (on-site)


Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at McKesson? Share your experience

Interested in this role?

Apply on the company's website.

Cover LetterConnect