Success Profile
What makes a successful MTA - Senior Pentesting Engineer? Here are the top traits.
- Conceptual
- Proactive
- Problem-Solver
- Strategic
- Technologically Savvy
- Visual Thinker
Culture
Accomplish
Make a meaningful impact by using your problem-solving skills to push the boundaries of innovation in healthcare, while maintaining a healthy work-life balance.
Innovate
Foster a digital mindset to drive IT transformation across McKesson through our evolving data and technology tools.
Grow
Join a supportive environment where you can advance your career and develop both personally and professionally.
Benefits
-
Coverage you can rely on
- Medical, Dental, and Vision
- Health Spending Accounts
- Flexible Spending Accounts
-
Benefits that go beyond your base pay
- 401(k) (U.S.)
- Pension (Canada)
- Employee Stock Purchase Plan
-
Support for total well-being
- Mental Health Programs
- Flexible Schedules
- Paid Time Off
- Wellness Program
- Education Reimbursement
- Volunteer Opportunities
- Flexible Work Environment
-
A global leader of inclusion
McKesson’s commitment to diversity and inclusion starts at the top. We have also been named a Best Employer for Diversity by Forbes.
Responsibility
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.
What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.
Job Description
Key Responsibilities
Penetration Testing
Plan, execute, and report on penetration tests targeting web applications, APIs, mobile apps, infrastructure, and cloud environments.
Simulate real-world attacks to assess the effectiveness of security controls and incident response capabilities.
Develop customized exploits and tools to support advanced testing relevant to the engagement.
Collaborate with external pentest vendors and service providers.
Vulnerability Assessment & Exploitation
Conduct in-depth vulnerability assessments using both automated tools and manual techniques.
Validate and exploit vulnerabilities to demonstrate potential impact and risk.
Collaborate with Application teams and peer Cybersecurity groups to ensure timely remediation and risk mitigation.
Security Tooling & Automation
Develop and maintain custom scripts and tools to support testing activities.
Contribute to security tools and processes in CI/CD pipelines for improved testing.
Evaluate and deploy commercial and open-source security testing tools.
Reporting & Communication
Deliver detailed, actionable reports to technical and non-technical stakeholders.
Present findings and recommendations to engineering, operations, and leadership teams.
Maintain documentation of testing methodologies, tools, and results.
Security Research & Innovation
Stay current with emerging threats, vulnerabilities, and offensive security techniques.
Participate in threat modeling and contribute to the development of attack simulations.
Mentor junior team members and contribute to internal knowledge sharing.
Minimum Requirements
Bachelor’s degree in Computer Science, Cybersecurity, or a related field. Advanced certifications preferred (e.g., OSCP, OSCE, GPEN, GCPN, GXPN).Typically requires 5+ years of hands-on experience in penetration testing, red teaming, or offensive security.
Technical Skills
Proficiency in scripting languages such as Python, Bash, or PowerShell.
Expertise in tools such as Burp Suite, Metasploit, Cobalt Strike, Nmap, and Kali Linux.
Experience with cloud penetration testing (AWS, Azure, GCP).
Familiarity with MITRE ATT&CK framework and threat emulation techniques.
Understanding of secure coding practices and common vulnerabilities (e.g., OWASP Top 10)
We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.
Our Base Pay Range for this position
$121,300 - $202,100McKesson is an Equal Opportunity Employer
McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.
Join us at McKesson!
McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson’s (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:
- McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.
- McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.
- McKesson job postings are posted on our career site: careers.mckesson.com.