Lead Offensive Security Engineer, Red Team

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

The Red Team Lead is a critical role in our offensive security team, driving advanced security testing and adversarial simulations to safeguard McKesson against emerging cyber threats. This position requires a blend of deep technical expertise, strategic vision, and leadership to enhance the organization's security posture. The Red Team Lead will implement strategic plans and foster a culture of continuous improvement in security practices. The successful candidate will have a robust understanding of applications, networks, operating systems, and offensive techniques, and will actively collaborate with cross-functional teams to enhance security efforts and mentor team members.

Responsibilities:

• Lead and execute complex red team engagements to simulate cyber-attacks on the organization's infrastructure, applications, and data.

• Translate high-level security objectives into actionable offensive security strategies and tactical plans.

• Develop, document, and implement comprehensive methodologies to identify and report vulnerabilities across all McKesson environments.

• Produce clear, detailed reports that articulate findings, vulnerabilities, and  recommended actions to both technical and non-technical stakeholders.

• Recommend actionable remediation strategies to mitigate identified vulnerabilities and improve the overall security posture.

• Lead purple team exercises to integrate red and blue team activities, enhancing overall security effectiveness.

• Foster a collaborative environment, promote knowledge sharing, and mentor team members to build a strong, skilled security team.

• Stay current with emerging threats, tools, and techniques in the security industry, continuously innovating to maintain and enhance McKesson’s security posture.

• Partner with incident response and other technology groups to strengthen defenses through informed remediation strategies.

• Champion an environment of collaboration, open communication, and knowledge sharing, ensuring continuous skill development for both peers and junior team members. 

• Embody McKesson’s core values of iLead and iCare by demonstrating integrity, accountability, empathy, and leadership in all security operations.

Minimum Qualifications:

• 8+ years of experience in Red Teaming, Purple Teaming, Penetration Testing, or offensive tool development; or master's degree in computer science / engineering or related cyber field, and 6-8+ years of progressive experience in offensive security, or a combination of academic and hands-on experience.

• Hands-on keys experience with Red Team engagements, including planning, execution, and leadership.

• Deep knowledge of Red Teaming Methodology, including Recon, Exploitation, Persistence, Lateral Movement, Post Exploitation, and Exfiltration.

Additional Skills and Experience:

Any two or more of these skills are part of the qualifications and requirements:

• Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Brute Ratel), offensive infrastructure deployment, reverse engineering/malware development, Active Directory exploitation, and lateral movement.

• Proven ability to script and develop custom tools and payloads in languages such as C#, C/C++, Golang, Python, Bash, or PowerShell.

• Proficiency in modifying or creating custom exploits tailored to engagement objectives.

• Demonstrated success in evading detection by industry-leading Endpoint Detection and Response (EDR) solutions.  Skilled in clearly explaining the tools and techniques used throughout each phase of an engagement to diverse audiences.

• Excellent written and verbal communication skills for documenting and explaining technical details clearly and concisely.

• Capable of evaluating operational security (OPSEC) implications to ensure that chosen strategies, tools, and methods remain effective and covert.

• Excellent organizational skills for managing time, tasks, and prioritizing actions to meet business needs.

Nice to Have:

• Advanced understanding of Windows or Unix based operating system internals.

• Working knowledge of cloud platforms (AWS, Azure, GCP), collaboration suites (O365, Google Workspace), and container technologies (Kubernetes, Docker).

• Demonstrated expertise in social engineering and phishing/vishing pretext development, with an understanding of email security technologies and countermeasures.

• Experience conducting physical penetration testing engagements, including covert entry skills, bypassing access controls (e.g., lock-picking, RFID hacking) and alarm systems.

• Experience in threat modelling, threat intelligence, or incident response.

• Contributions to public research, technical white papers, or open-source security tools.

Education:

• Bachelor's degree (in Computer Science, Information Security, Digital Forensics, Cyber Security, or related field), or equivalent experience.

Certifications:

• One or more of the following certifications is preferred:  CRTO, CRTL, CRTE, OSCE, OSEE, OSWE, GXPN.

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!