Lead Offensive Engineer jobs in United States
info-icon
This job has closed.
company-logo

McKesson · 1 day ago

Lead Offensive Engineer

positionDallas, TX
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$144K/yr - $240K/yr
date6+ years exp

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. The Red Team Lead is a critical role in our offensive security team, driving advanced security testing and adversarial simulations to safeguard McKesson against emerging cyber threats.

BiopharmaBiotechnologyHealth CareInformation TechnologyPharmaceutical
check
H1B Sponsor Likelynote

Responsibilities

Lead and execute complex red team engagements to simulate cyber-attacks on the organization's infrastructure, applications, and data
Translate high-level security objectives into actionable offensive security strategies and tactical plans
Develop, document, and implement comprehensive methodologies to identify and report vulnerabilities across all McKesson environments
Produce clear, detailed reports that articulate findings, vulnerabilities, and recommended actions to both technical and non-technical stakeholders
Recommend actionable remediation strategies to mitigate identified vulnerabilities and improve the overall security posture
Lead purple team exercises to integrate red and blue team activities, enhancing overall security effectiveness
Foster a collaborative environment, promote knowledge sharing, and mentor team members to build a strong, skilled security team
Stay current with emerging threats, tools, and techniques in the security industry, continuously innovating to maintain and enhance McKesson’s security posture
Partner with incident response and other technology groups to strengthen defences through informed remediation strategies
Champion an environment of collaboration, open communication, and knowledge sharing, ensuring continuous skill development for both peers and junior team members

Qualification

Red TeamingPenetration TestingOffensive SecurityC2 FrameworksScripting LanguagesEDR SolutionsCloud PlatformsKnowledge SharingSocial EngineeringIncident ResponseThreat ModellingCommunicationOrganizational SkillsTeam LeadershipTechnical Writing

Required

8+ years of experience in Red Teaming, Purple Teaming, Penetration Testing, or offensive tool development; or master's degree in computer science / engineering or related cyber field, and 6-8+ years of progressive experience in offensive security, or a combination of academic and hands-on experience
Hands-on keys experience with Red Team engagements, including planning, execution, and leadership
Deep knowledge of Red Teaming Methodology, including Recon, Exploitation, Persistence, Lateral Movement, Post Exploitation, and Exfiltration
Bachelor's degree in computer science, Information Security, Digital Forensics, Cyber Security, or equivalent experience

Preferred

One or more of the following certifications is preferred: CRTO, CRTL, CRTE, OSCE, OSEE, OSWE, GXPN
Experience with C2 frameworks (e.g., Cobalt Strike, Sliver, Brute Ratel), offensive infrastructure deployment, reverse engineering/malware development, Active Directory exploitation, and lateral movement
Proven ability to script and develop custom tools and payloads in languages such as C#, C/C++, Golang, Python, Bash, or PowerShell
Proficiency in modifying or creating custom exploits tailored to engagement objectives
Demonstrated success in evading detection by industry-leading Endpoint Detection and Response (EDR) solutions
Skilled in clearly explaining the tools and techniques used throughout each phase of an engagement to diverse audiences
Excellent written and verbal communication skills for documenting and explaining technical details clearly and concisely
Capable of evaluating operational security (OPSEC) implications to ensure that chosen strategies, tools, and methods remain effective and covert
Excellent organizational skills for managing time, tasks, and prioritizing actions to meet business needs
Advanced understanding of Windows or Unix based operating system internals
Working knowledge of cloud platforms (AWS, Azure, GCP), collaboration suites (O365, Google Workspace), and container technologies (Kubernetes, Docker)
Demonstrated expertise in social engineering and phishing/vishing pretext development, with an understanding of email security technologies and countermeasures
Experience conducting physical penetration testing engagements, including covert entry skills, bypassing access controls (e.g., lock-picking, RFID hacking) and alarm systems
Experience in threat modelling, threat intelligence, or incident response
Contributions to public research, technical white papers, or open-source security tools

Benefits

Annual bonus
Long-term incentive opportunities

Company

McKesson

twittertwittertwitter
Glassdoor3.7
company-logo
McKesson distributes medical supplies, information technology, and care management products and services.
dateFounded in 1833
location
Irving, Texas, USA
people-size10001+ employees
web-link
http://www.mckesson.com

H1B Sponsorship

McKesson has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (149)
2024 (129)
2023 (82)
2022 (142)
2021 (144)
2020 (154)

Funding

Current Stage
Public Company
Total Funding
unknown
1994-11-18IPO

Leadership Team

leader-logo
Brian Tyler
CEO
linkedin
leader-logo
Jim McAuliffe
CFO
linkedin

Recent News

MedCity News
Trends in Health IT – What Should Organizations Prioritize in 2026?
2026-01-03
Seattle TechFlash
Fortune 50 company sells shuttered Rock Hill facility for $26.5M
2025-12-22
Business Insider
My parents and siblings are doctors, but I became a toy inventor. My company raised $5 million this year.
2025-11-25
Company data provided by crunchbase