Network Security (WAF) Engineer
ExternalPrepare for this interview
EliteAI-generated questions, company research, and talking points tailored to this role
Benefits
Additional Information
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care. What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you. Network Security Engineer (WAF) - P3 About the Role (Job Summary) As a Network Security Engineer (Web Application Firewall), you will play a key role in protecting McKesson's global technology environment by designing, implementing, and optimising security controls across cloud and on-premises platforms. You will work closely with infrastructure, application, and cybersecurity teams to secure internet-facing applications, strengthen network security controls, and reduce organisational risk. This role combines hands-on engineering with security consulting, helping teams integrate security into technology solutions while maintaining application availability and performance. You will also contribute to incident response, risk reduction initiatives, and the continuous improvement of McKesson's cybersecurity capabilities. What You'll Do (Responsibilities) Design, implement, and maintain Web Application Firewall (WAF) protections for internet-facing applications, including custom security policies, rate limiting, geo-blocking, and threat detection rules. Develop and manage network security controls, including firewall policies, network segmentation, ingress and egress controls, and secure access configurations. Partner with application, infrastructure, and engineering teams to understand application architectures, traffic flows, and business requirements, ensuring security controls are both effective and operationally sustainable. Analyse network traffic, security events, and application behaviour to identify risks, investigate security concerns, and improve detection capabilities. Evaluate, implement, and optimise security technologies and controls to enhance protection against vulnerabilities, emerging threats, and unauthorised access. Support incident response, forensic investigations, vulnerability remediation activities, and disaster recovery planning by providing technical security expertise. Document security architectures, configurations, procedures, and standards while promoting security best practices across technology teams. Basic Requirements 4+ years of experience implementing and supporting enterprise network security technologies, including firewalls, web application firewalls, or intrusion prevention systems. Experience configuring and managing Web Application Firewall (WAF) solutions to protect internet-facing applications and APIs. Experience designing, implementing, and maintaining firewall rules, network segmentation controls, and access management policies in enterprise environments. Strong understanding of TCP/IP networking, application traffic flows, DNS, HTTP/HTTPS, and network security architecture principles. Experience analysing network traffic, security logs, and security events to support investigations, threat detection, and incident response activities. Experience assessing security risks, validating security control effectiveness, and identifying opportunities to improve security posture. Strong documentation skills with experience creating technical documentation, security standards, procedures, and configuration records. Preferred Skills/Experience Minimum Education & Typical Experience or Equivalent Combination: Bachelor's degree or equivalent combination of education and experience, with 4+ years of experience in cybersecurity engineering, network security, infrastructure security, or a related technical field. Experience securing cloud-based environments and applications within AWS, Azure, or other enterprise cloud platforms. Knowledge of Operational Technology (OT) security, supply chain security, or AI security risks and associated controls. Experience mentoring team members and contributing to technical leadership, security best practices, and continuous improvement initiatives. At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That's why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves. As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equi
Your Match
How well this role fits your profile.
Company Intel
What employees say
Worked at McKesson? Share your experience