Senior Data Security Architect - Now Hiring

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

CoverMyMeds Technology is seeking a Senior Data Security Architect to join our Data & Analytics organization. This is a highly specialized role responsible for defining, implementing, and governing enterprise-wide data security architecture across cloud and hybrid data platforms. You will serve as the security authority across the data lifecycle — ensuring that sensitive healthcare data is protected, compliant, and audit-ready while enabling scalable analytics and external data sharing. This role directly supports mission-critical healthcare operations where security, privacy, and trust are foundational.

* Our preferred candidate would reside in the Columbus, OH area to support a hybrid work schedule, but we may consider a well-qualified full-remote candidate.

* McKesson complies with all applicable U.S. immigration laws and regulations. The Company does not provide employer support or sponsorship for any immigration related employment benefit for this role.

Applicants must be currently authorized to work in the United States on a fulltime basis without the need for employer support or sponsorship now or in the future. This includes having the legal right to work in the United States without the need for McKesson support or sponsorship for any immigration related employment authorization (e.g., H1B, O1, E3, H1B1, TN, F1 OPT, F1 STEM OPT, F1 CPT, etc.) now or in the future. If you will require McKesson to provide immigration support or sponsorship now or in the future, you should not apply for this position.

What You'll Do:

• Own and evolve enterprise data security architecture across Databricks, Azure Data Lake, and enterprise reporting platforms

• Design and enforce fine-grained data access controls (RBAC, ABAC, row/column-level security) using Unity Catalog and governed tagging frameworks

• Architect identity and access management (IAM) patterns integrating Okta, Microsoft Entra ID, SailPoint, and privileged access platforms

• Define and implement PHI/PII protection strategies, including tokenization, encryption, de-identification, and masking across environments

• Establish secure data sharing and multi-tenant access models for external customers, partners, and embedded analytics

• Lead architecture for data rights, entitlements, and consent-based access controls, ensuring compliance with contractual and regulatory requirements

• Build and operationalize security controls aligned to SOX ITGC, including logical access controls, change management, and audit evidence frameworks 

• Design audit-ready security architectures supporting HIPAA, SOC 2 Type II, and FedRAMP compliance requirements 

• Partner with engineering, SRE, and platform teams to embed security into CI/CD pipelines, platform onboarding, and development standards

• Define and govern data classification, tagging, and lineage-aware security policies across medallion architectures

• Evaluate and recommend enterprise security tooling and governance platforms

• Produce architecture artifacts (decision records, control matrices, audit evidence) consumable by internal and external auditors

Basic Requirements:

• Bachelor’s degree in Computer Science, Information Systems, or a related field, or equivalent experience, and typically requires 7+ years of relevant experience in data security, cybersecurity, or data architecture, with significant focus in cloud-based environments

• Proven experience implementing data security and governance controls in regulated environments (HIPAA, healthcare strongly preferred)

• Strong expertise in SOX IT General Controls (ITGC) domains, including logical access, change management, and audit controls

• Hands-on experience with Databricks Unity Catalog security models, including RBAC, ABAC, and data masking

• Deep knowledge of Azure cloud security architecture, including networking, identity, and secrets management

• Experience designing identity and access management solutions (Okta, Entra ID, SailPoint, privileged access tools)

• Demonstrated experience implementing encryption, tokenization, and de-identification strategies for sensitive data

• Experience designing secure data architectures for external/customer-facing analytics products

• Ability to translate regulatory requirements into implemented technical controls and audit artifacts

• Strong communication skills with ability to present architecture concepts to technical, business, and audit stakeholders

Preferred Skills / Experience:

• Experience supporting SOC 2 Type II and/or FedRAMP compliance programs

• Knowledge of healthcare data sharing frameworks and consent models

• Experience designing data entitlement models and purpose-based access controls at scale

• Familiarity with FHIR-based data platforms and interoperability security

• Experience with DSPM/CSPM tools for cloud data security

• Experience implementing non-production data masking and synthetic data solutions

• Exposure to CI/CD security architecture and service principal hardening

• Experience operating in large, matrixed enterprise governance environments

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please 

Our Base Pay Range for this position

$124,100 - $206,900

McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson’s (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:

McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.

McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.

McKesson job postings are posted on our career site: .

McKesson is an Equal Opportunity Employer

 

McKesson provides equal employment opportunities to applicants and employees, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other legally protected category. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our page.

 

McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to (United States) or (Canada) . Resumes or CVs submitted to this email box will not be accepted.

Join us at McKesson!