We are seeking a Lead Identity Solutions Architect to join our Information Security Architecture team to help deliver on our mission of providing superior identity and access management services to our customers, providers, partners, and employees.
As the Lead Identity Solution Architect, you will have the opportunity to shape the vision and strategy for Information Security and Enterprise Access Management at McKesson. Successful candidates will have a strong background in Customer or Enterprise Identity and Access Management and a proven ability to influence and drive change.
Provides technical leadership to drive and shape the Global Identity Services architecture
Develops strategic roadmaps, technical blueprints, standards and reference architectures in support of the Global Identity Services program
Consults with business stakeholders and other architects to understand core business processes and business priorities and provides recommendations on IAM solutions
Manages the technology life cycle of IAM capabilities
Leads technical evaluations of IAM products including proof of concepts to determine business value of candidate solutions
Collaborates cross-functionally with other technology teams and Information Security and Risk Organization
Mentors other members of the team on IAM best practices
Drives Request for Proposal (RFP) and vendor selection process in the IAM space
Keeps abreast of industry trends and informs the team of evolving IAM standards and landscape
Minimum Requirements 8+ years experience in administering security controls in an organization
6+ years' experience in developing technical architectures with minimum of 3 years focused on IAM architecture
Strong understanding of the end-to-end Identity lifecycle management
Hands on experience with authentication and authorization protocols such as OIDC, SAML, OAuth2, FIDO, U2F, WebAuthn, SCIM, XACML, LDAP, RADIUS, Kerberos
Proven ability to architect robust, scalable, and secure solutions that meet customer's IAM needs
Experience with Multi-factor authentication capabilities including token-based, biometrics, certificates, and adaptive authentication
Experience with Privileged access management (PAM) architectures and capabilities (least privileged, session management, vaulting, and endpoint privileged management). Experience with CyberArk or Azure PIM a plus
Experience with Identity Governance processes and solutions such as Sailpoint or Saviynt a plus
Experience with IDaaS providers such as Okta, Azure AD, Ping Identity, or Google Cloud Identity
Additional Knowledge & Skills
Experience with cloud architectures particularly Azure and GCP native IAM controls
Experience with User Behavior Analytics
Experience with WorkDay, SAP, or SalesForce
Experience with O365, Active Directory and ADFS
Experience with MDM capabilities such as InTune, Jamf, or Airwatch
Experience with API Gateway and microservices architectures
Knowledge of Applied Cryptography and PKI
Experience with Python, PowerShell, Java, Java Script, JSON, REST, Scripting, HTML
Understanding of trends and regulations to ensure effectiveness and compliance with all regulations and frameworks (NIST, HIPPA-HITECH, HITRUST, PCI, GDPR)
Excellent written and verbal communication and organizational skills
Strong interpersonal and communications skills to build/ maintain ongoing business relationships
Education 4-year degree in computer science or related field or equivalent experience
CISSP or SANS GIAC a plus
Physical Requirements General Office Demands
McKesson is an Equal Opportunity/Affirmative Action employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, sexual orientation, gender identity, national origin, disability, or protected Veteran status.Qualified applicants will not be disqualified from consideration for employment based upon criminal history.
McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to McKessonTalentAcquisition@mckesson.com . Resumes or CVs submitted to this email box will not be accepted.
Current employees must apply through the internal career site.
Join us at McKesson!
Internal Number: JR0046439
About McKesson Corporation
We deliver careers with purpose and potential. Our focus on better health starts with creating an inclusive environment with strong values where you can build a fulfilling career. You can count on us to provide you with resources and opportunities to grow and be your best, while contributing to our pursuit of improving lives. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient. We work to distribute medical supplies, bandages, syringes, vials of flu vaccine, and pharmaceutical drugs to help real patients like Jack, an eight-year-old boy battling cancer. We take that job seriously. Together, the work we do is shaping the future of healthcare. If you are passionate about combining a meaningful career with a balanced life, join us on this journey and apply for a job with McKesson today. Every day, McKesson’s employees deliver products to healthcare providers that make a difference in the care and life of a patient.