Principal Cybersecurity Architect / Cybersecurity Strategist

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Principal Cybersecurity Architect / Cybersecurity Strategist

Job Level: Principal Architect (P6) Reports To: Sr. Director, Strategy, Architecture & Data Services Type: Full-time

Role Summary

The Principal Cybersecurity Architect is a senior, high-impact individual contributor responsible for defining, shaping, and driving McKesson’s enterprise-wide cybersecurity strategy and architectural direction. This role sets the long-term (3-, 5-, and 10+ year) cybersecurity vision across all business units, technologies, and security domains, ensuring a resilient, modern, and future-ready security posture.

Operating at enterprise and executive level, the Principal Architect partners closely with senior technology and business leaders to assess current maturity, identify technical debt and modernization opportunities, and define the target state architecture. This role brings deep external perspective into McKesson — translating industry trends, emerging threats, and vendor innovation into pragmatic, enterprise-scale strategy.

The successful candidate will act as McKesson’s strategic cybersecurity authority, influencing internal architecture and operations as well as external technology providers, while representing the organization as a trusted voice within the global cybersecurity community.

Key Responsibilities

· Strategy & Enterprise Architecture Leadership

· Define and govern the enterprise cybersecurity strategy, architecture vision, principles, standards, patterns, and reference architectures (e.g. Zero Trust, cloud-native, identity-centric, data-centric security).

· Lead assessment of current cybersecurity maturity and define multi-year roadmaps to move the organization “from good to great.”

· Identify enterprise-wide risk, technical debt, architectural gaps, and opportunities for simplification and modernization.

· Drive consistency and alignment across all cybersecurity domains including IAM, network, endpoint, cloud, application, data security, threat management, resilience, and emerging technologies.

Executive Partnership & Strategic Influence

· Partner closely with executive leadership (CISO, CIO/CTO, Enterprise Architecture, Risk, Legal, Data & AI leadership) to align cybersecurity strategy with business objectives and technology roadmaps.

· Influence architecture, engineering, operations, PMO, and delivery teams to ensure enterprise adoption of strategic security direction.

· Translate complex security and architectural concepts into clear, executive-level narratives tied to risk reduction, resilience, and business value.

Market, Vendor & Industry Leadership

· Actively track evolving threat landscapes, industry trends, and emerging security technologies.

· Influence and shape strategic technology provider roadmaps (e.g. cloud, identity, network, platform security vendors) to meet McKesson’s enterprise needs.

· Represent McKesson externally through conferences, forums, white papers, panels, and industry initiatives; contribute thought leadership back into the cybersecurity community.

· Maintain strong peer networks across enterprise cybersecurity leaders and practitioners.

Technology Foresight & Threat-Informed Strategy

· Anticipate disruptive technologies and future security challenges (e.g. Zero Trust evolution, AI security, SASE, confidential computing, post-quantum cryptography).

· Embed threat-informed and forward-looking security thinking into architecture and long-term planning.

· Ensure strategies remain adaptable as adversary capabilities, technology platforms, and regulatory requirements evolve.

Information Protection, Ethics & Governance

· Guide enterprise approaches to information protection, privacy, and ethical use of data, including classification, encryption, DLP, and privacy-by-design.

· Embed security-by-design principles into platforms, products, and data initiatives, including responsible and secure AI adoption.

· Strengthen security governance models, decision forums, architecture reviews, and exception handling to support enterprise-scale consistency.

Enablement & Advisory Leadership

· Provide strategic architectural guidance for critical initiatives, acquisitions, modernization programs, and complex enterprise decisions.

· Serve as a trusted advisor to architects, security leaders, and engineers across the organization.

· Build and sustain a strong architecture community through mentorship, reusable patterns, and shared standards.

Required Skills

· 12+ years broad technology and security experience spanning legacy platforms through modern and emerging architectures.

· Proven experience defining and driving enterprise-wide cybersecurity strategy within large, complex, multinational or Fortune-100-scale environments.

· Demonstrated ability to influence architecture and technology direction across diverse business units without formal authority.

· Strong background across multiple cybersecurity domains including IAM, Zero Trust, cloud, network, application, data security, risk, and compliance.

· Experience modernizing environments, reducing technical debt, and guiding large-scale architectural change.

· Executive-level communication skills with the ability to simplify complex topics and build trusted senior relationships.

· Recognised external industry presence (e.g. conference speaker, author, contributor, or well-known practitioner).

· Ability to translate industry trends, threat intelligence, and vendor capabilities into actionable enterprise strategy.

Preferred Skills

· Enterprise architecture credentials (TOGAF or equivalent such as SABSA or Zachman).

· Experience influencing or partnering directly with major technology providers and hyperscalers.

· Background in healthcare, regulated industries, or large-scale global operations.

· Experience supporting M&A, joint ventures, or major enterprise transformations.

· Recognition at a Technical Fellow / Distinguished Architect or Engineer level within the industry.

At McKesson, we care about the well-being of the patients and communities we serve, and that starts with caring for our people. That’s why we have a Total Rewards package that includes comprehensive benefits to support physical, mental, and financial well-being. Our Total Rewards offerings serve the different needs of our diverse employee population and ensure they are the healthiest versions of themselves.

As part of Total Rewards, we are proud to offer a competitive compensation package at McKesson. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations.  In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. 

Our Base Pay Range for this position

€101,300 - €168,800

McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson’s (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:

McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.

McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.

McKesson job postings are posted on our career site: careers.mckesson.com.