Sr. Director, Cyber Threat Detection & Response
$172k - $286.6k
McKesson
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve – we care. What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow’s health today, we want to hear from you.

Sr. Director, Cyber Threat Detection & Response

Location: Richmond, VA, USA - 9954 Mayland Drive (on-site)

The Opportunity

The Sr. Director, Threat Detection and Response (TDR) is responsible for leading a comprehensive enterprise capability that designs, implements, and operates scalable detection and response mechanisms while driving remediation of security gaps across technology environments (cloud, endpoints, identity, network, applications, and data platforms). This leader partners closely with the CISO organization, Technology Leadership, risk/compliance, and business stakeholders to prioritize investments, set standards, and ensure measurable improvements in detection fidelity, response readiness, and remediation throughput.

This role requires strong technical depth in threat detection and response as well as the leadership maturity to operate at the executive level. The Director establishes TDR strategy, roadmaps, and success metrics; governs an operating rhythm for detection coverage and remediation execution; and ensures outcomes are delivered across multiple teams (often via influence).

Key Responsibilities

- Define and own the enterprise TDR strategy and operating model (detection engineering, alerting standards, response readiness, and remediation governance) aligned to business risk and technology priorities.
- Establish and report executive-level metrics and scorecards (e.g., detection coverage, alert quality, MTTD/MTTR, response readiness, remediation SLAs, risk reduction) and drive continuous improvement based on outcomes.
- Lead selection, adoption, and lifecycle management of detection and response tooling and telemetry (SIEM, EDR/XDR, SOAR, UEBA, threat intel integrations, cloud logging, and case management), including integration standards and data quality requirements.
- Partner with Security Operations (SOC/CSIRT), threat intelligence, vulnerability management, and platform teams to ensure detections map to prioritized threats and that response playbooks and automation are effective and current.
- Establish remediation governance to drive closure of systemic security gaps identified through incidents, threat hunting, purple teaming, and control validation; ensure clear ownership, prioritization, timelines, and exception processes.
- Drive enterprise telemetry and logging strategy in partnership with engineering and infrastructure: ensure critical systems are instrumented, logs are retained appropriately, and detections can be built and tuned against reliable data sources.
- Lead and develop TDR talent (leaders, detection engineers, analysts) through hiring, coaching, performance management, and capability development; ensure teams have the training, tools, and operating discipline required for success.
- Manage cross-functional stakeholder relationships and communications (Technology leaders, risk/compliance, audit, legal/privacy as needed), translating technical risk into business impact and driving alignment on funding, priorities, and delivery commitments.
- Provide governance for incident and post-incident remediation: ensure lessons learned translate into durable control improvements, and conduct regular exercises/tabletops to validate readiness and benchmark progress.

Minimum Requirements

Degree or equivalent experience.
Typically requires 15+ years of professional experience and 10+ years of diversified leadership, planning, communication, organization, and people motivation skills (or equivalent experience).

Skills and Qualifications:

- 15+ years of cybersecurity experience with significant depth in threat detection, incident response, and security operations, including 10+ years leading teams and/or enterprise programs.
- Hands-on and leadership experience with detection and response platforms and practices (SIEM content engineering, EDR/XDR, SOAR automation, threat intel integration, logging/telemetry pipelines, and case management).
- Proven ability to drive remediation outcomes at scale: establishing SLAs, clarifying ownership, prioritizing backlogs, and closing systemic gaps surfaced by incidents, hunts, and assessments.
- Executive-ready communication and stakeholder management skills, including the ability to present risk, progress, and investment needs to senior leadership and influence decisions.
- Demonstrated ability to set strategy, secure organizational alignment/approvals, and deliver outcomes through multiple stakeholders (Security, Infrastructure, Cloud, Application/Product, and business teams).
- Deep understanding of detection engineering, telemetry pipelines, and security analytics: SIEM content engineering, EDR/XDR detections, SOAR automation, threat intelligence integration, alert triage models, and case management workflows.
- Strong risk communication skills: able to translate detection gaps and remediation tradeoffs into business impact, present to executives, and drive decisions to closure.
- Experience establishing oversight metrics and operational rhythms (OKRs/KPIs, reporting, service reviews) and using data to improve alert quality, reduce noise, and accelerate remediation throughput.
- Working knowledge of relevant governance and regulatory expectations and the ability to partner effectively with audit/compliance and privacy stakeholders while operating an effective detection and response capability.
- Track record of building high-performing teams and leading with integrity, accountability, and operational discipline; known for clear communication, sound judgment, and reliable execution.
- Experience developing multi-year roadmaps and influencing investment decisions (people, tooling, telemetry, automation) to improve enterprise detection and remediation outcomes.
- Proven capability managing vendor relationships and service contracts for security tooling and managed services, including defining requirements and measuring performance against outcomes.
- Strong understanding of privacy considerations and appropriate monitoring practices; able to partner with Legal/Privacy and HR as needed and ensure monitoring and investigations remain within policy and regulatory boundaries.
- Experience operating in hybrid/cloud environments and partnering with platform teams to instrument systems (cloud logging, identity signals, endpoint telemetry, network data) for reliable detections.
- Strong strategic and tactical decision-making: able to balance speed and risk, define compensating controls, and drive complex remediation decisions across multiple owners.
- Experience leading or sponsoring purple team activities, tabletop exercises, and control validation to continuously improve detection coverage and response playbooks.
- Trusted leader who builds credibility with executives and teams through transparency, follow-through, and a strong culture of operational excellence.

Education Requirements

Bachelor's degree in computer science, information security/assurance, engineering, or a related field; advanced degree preferred or equivalent experience.
Certification Requirements

- Relevant certifications (preferred): CISSP, CISM, GIAC/SANS, +, SSCP, or equivalent foundational security certification.
- TDR/SecOps certifications (a plus): Google Cloud Professional Cloud Security Engineer and/or Associate Cloud Engineer, Google Professional Cloud DevOps Engineer, and/or GIAC certifications (e.g., GSEC, GCIH) depending on role focus, and/or cloud/security engineering certifications aligned to the team's platforms.

About Medical-Surgical

McKesson Medical-Surgical (MMS) is a subsidiary and publicly reported segment of the McKesson Corporation. MMS distributes medical-surgical supplies, pharmaceuticals, diagnostic equipment and supplies, along with other solutions and services to virtually every type of healthcare setting and provider outside of the traditional hospital. These markets – often referred to as Alternate Care or Non-Acute Care – include physician offices, surgery centers, long-term care providers, laboratories, home health and hospice agencies, health systems, government facilities and online marketplaces and retailers. Alternate Care markets are growing rapidly and MMS is proud to be a leader in this space. With a team of approximately 8,000 employees, a network of 15 distribution centers and approximately 900 delivery vehicles, we partner with more than 2,200 leading manufacturers and serve over 200,000 customer accounts across the U.S. Our catalog includes more than 280,000 SKUs of branded and private-label medical-surgical products – from bandages to specialty pharmaceuticals and COVID-19 tests.

Looking Ahead: A New Chapter for MMS

McKesson has announced its intent to separate MMS into an independent company – an exciting evolution that builds on MMS’s strong foundation and proven leadership in the Alternate Care space. As a standalone company, MMS would be positioned to unlock new opportunities to innovate, grow and lead with even greater agility and focus.
We will also continue to be one of the largest medical-surgical distributors in the U.S., with over $11B in annual sales. This separation would accelerate our mission and empower us to shape a future defined by customer-centricity, bold thinking and operational excellence. For job seekers, it’s a unique moment to join a team that’s already making a meaningful impact and leading the way in shaping the future of healthcare delivery in Alternate Care settings – with even greater opportunity ahead as we prepare to become an independent company.

Career Level - M5

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position: $172,000 - $286,600

McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson’s (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:

- McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.
- McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.
- McKesson job postings are posted on our career site: careers.mckesson.com.
McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other legally protected category. For additional information on McKesson’s full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to (United States) View email address on click.appcast.io or (Canada) View email address on click.appcast.io. Resumes or CVs submitted to this email box will not be accepted.

Join us at McKesson!

