We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
McKesson Corporation jobs

Lead DevSecOps Engineer

McKesson Corporation
United States, Texas, Irving
Feb 13, 2026

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

About the Role:

We are seeking an experienced Lead DevSecOps Engineer to drive our cloud infrastructure and security initiatives. You will be responsible for designing, implementing, and maintaining secure, scalable infrastructure on Azure while leading DevSecOps best practices across the organization, with a strong focus on GitHub-based workflows and security.

Key Responsibilities:

* Design and implement Infrastructure as Code (IaC) solutions on Azure using Terraform and Bicep
* Manage and optimize Azure Kubernetes Service (AKS) clusters, including cluster operations and application deployments
* Deploy and manage applications using Kubernetes manifests through SCCM (System Center Configuration Manager)
* Design and implement secure CI/CD pipelines using GitHub Actions with integrated security scanning
* Implement and maintain GitHub Advanced Security (GHAS) across repositories, including code scanning, secret scanning, and dependency reviews
* Develop and enforce secure coding practices and security policies within GitHub workflows
* Build automated security gates and compliance checks in CI/CD pipelines
* Develop automation scripts using Python and Bash to streamline operations
* Configure and optimize GHAS features including CodeQL analysis and security
advisories
* Lead incident response for security vulnerabilities identified through GHAS
* Mentor team members on DevSecOps practices, GitHub security features, and cloud technologies
* Collaborate with development, security, and operations teams to ensure secure delivery
* Establish branch protection rules, security policies, and access controls in GitHub

Required Skills & Experience

* Azure Infrastructure as Code (IaC): Expert-level experience designing and
implementing Azure infrastructure using IaC principles
* Azure Kubernetes Service (AKS): Strong experience as a cluster operator, including cluster configuration, scaling, and management
* Kubernetes Application Deployments: Proven ability to deploy and manage
applications using Kubernetes manifests through SCCM
* Terraform: Advanced proficiency in writing, testing, and maintaining Terraform
modules and configurations

GitHub & CI/CD:

o Expert-level experience designing and implementing CI/CD pipelines using
GitHub Actions
o Strong knowledge of GitHub workflows, reusable actions, and workflow security best practices
o Experience with secure secrets management in GitHub (GitHub Secrets, Azure
Key Vault integration)

GitHub Advanced Security (GHAS):
o Hands-on experience implementing and managing GHAS features
o Proficiency with CodeQL for custom security queries and code scanning
o Experience with secret scanning, dependency scanning, and security advisories
o Ability to triage and remediate security findings from GHAS

Secure CI/CD Practices:
o Strong understanding of supply chain security and SLSA framework
o Experience implementing security scanning at multiple pipeline stages
o Knowledge of artifact signing, provenance, and attestation
o Familiarity with SAST, DAST, SCA, and container scanning tools

* Scripting: Strong Python and Bash scripting skills for automation and tooling
* Deep understanding of container security and Kubernetes security best practices
* Knowledge of Azure security services (Azure Security Center, Key Vault, Azure Policy,
etc.)
* Experience with least-privilege access controls and identity management

Desirable Skills
* Bicep: Experience with Azure Bicep for infrastructure deployment
* GitHub certifications or advanced training
* Azure certifications (e.g., Azure Solutions Architect, Azure Security Engineer)
* Experience with GitOps workflows and tools (ArgoCD, Flux)
* Knowledge of compliance frameworks (SOC 2, ISO 27001, PCI-DSS, NIST)
* Experience with monitoring and observability tools (Prometheus, Grafana, Azure Monitor)
* Familiarity with OWASP Top 10 and secure coding standards
* Experience with infrastructure security scanning tools (Checkov, tfsec, Trivy)

Qualifications
* Bachelor's degree in Computer Science, Engineering, or related field (or equivalent experience)
* 10+ years of experience in DevOps/DevSecOps roles
* 3+ years of hands-on experience with Azure and Kubernetes
* 2+ years of experience with GitHub Actions and GitHub Advanced Security
* Strong understanding of networking, security, and cloud architecture principles
* Demonstrated ability to build security into development workflows without impeding velocity

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, pleaseclick here.

Our Base Pay Range for this position

$150,500 - $250,800

McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson's (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:

McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.

McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.

McKesson job postings are posted on our career site: careers.mckesson.com.

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other legally protected category. For additional information on McKesson's full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

McKesson welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. If you require accommodation please contact us by sending an email to Disability_Accommodation@McKesson.com.

Join us at McKesson!

Applied = 0
MORE JOBS LIKE THIS

(web-54bd5f4dd9-d2dbq)