We are seeking an experienced Application Security Engineer to join our Product Security team.
The ideal candidate will play a critical role in ensuring the security of our software development lifecycle, deployed application security posture, and operations in accordance with NIST guidelines.
This role requires a deep understanding of software security best practices, DevSecOps principles, and the operation of security tooling.
**Key Responsibilities:**Collaborate with DevOps teams to ensure application security scanning and remediation requirements are met.Stay updated with the latest security trends, vulnerabilities, and compliance requirements.
* Knowledge of containerization technologies (Docker, Kubernetes) and cloud security (AWS, Azure, GCP).
**Required / Basic Qualifications:** * 4+ years experience in Application Security / DevOps Engineering* Deep understanding of software security best practices, DevSecOps principles, and the operation of security tooling.Proficiency in scripting such as Python, Bash, Javascript, etc.Experience implementing security tools such as OWASP ZAP, Veracode, SonarQube, and GitHub Advanced Security.Experience with Supply Chain security tooling such as JFrog Xray/Curation, Blackduck, Sonatype, FOSSAProficiency in CI/CD tools such as GitHub Actions, Jenkins, GitLab CI, or Azure DevOps.
**Preferred Qualifications:** Knowledge of healthcare, privacy, and financial compliance regulations Strong analytical and troubleshooting skills with an understanding of IT business operations and information security Strong problem-solving skills and the ability to think critically about security challenges.
Excellent communication skills, with the ability to explain complex security concepts to non-technical stakeholders.
Ability to work collaboratively in a fast-paced, team-oriented environment.
Previous penetration testing experience**Education:** At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people.
That's why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being.
Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson.
This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets.
The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.
In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered.
#J-18808-Ljbffr