Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Lead Threat Detection Engineer

$139k - $231.6k

McKesson

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

McKesson's Lead Threat Detection Engineer will be a member of our global cyber threat intelligence, incident response, analytics, and engineering team responsible for advancing our detection capabilities and tools. This team is responsible for building detection content, enabling integration, automation, enrichment, and performance of alerts. This role enables speed, quality, and coverage of threats for security operations and reduces risk to McKesson business operations.

Position Description/Responsibilities
  • Mature from a manual detection practice to a modern, automated, and standardized Detection-as-Code practice and infrastructure.
  • Develop use-cases based on intelligence, red team results, and incident data
  • Develop IOC workflows and a feedback loop for the Threat Intel Platform (TIP)
  • Write detection and correlation rules to identify threats across our stack
  • Assist in onboarding logs and identifying gaps in logs or alert results
  • Develop a deep understanding of data models, macros, indexes, sources, and field alias and the technology foundation our detection stack is built
  • Understand data schema/API standards, automation, and messaging systems
  • Bring a metrics-driven mindset to our rules, signals (IOCs), and alerts
Critical Requirements
  • Prioritize detection use-case and scope and create a logical rule
  • Ability to prioritize decisions to either write a rule and/or tune a tool/policy
  • Practical experience with threat Actor tracking, tactics, tools, and techniques and working closely with Intel, SOC, and Red Teams (Purple Teams)
  • Ability to measure detection coverage across common frameworks (e.g. NIST CSF, MITRE, KC) and simplify rules and configurations to optimize alerts
  • Ability to automate tasks via scripting, automating inputs and outputs of APIs, and programming skills such as python to enable detection engineering tasks
  • Exceptional interpersonal, organizational, and communication skills and ability to internalize and exemplify Mckesson core values.
  • Splunk SPL knowledge and SIEM experience or additional SIEM background
Following Qualifications would be advantageous:
  • 10+ years of professional experience in two or more domains, including: detection engineering, data engineering, incident response, threat hunting, threat intelligence.
  • Bachelor's degree in computer science, Information Security, Security Engineering, Statistics, or Data Science
  • Chronicle Experience, Splunk Certifications (1,2), Automation certifications (Security with Python SEC573), Sigma Rules

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

$139,000 - $231,600

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees and is committed to a diverse and inclusive environment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age or genetic information. For additional information on McKesson's full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

Join us at McKesson!
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Lead Threat Detection Engineer in United States vacancy
  • $132k - $165k

    Early Warning is seeking a Staff Insider Threat Engineer to enhance security measures in Scottsdale, with responsibilities including deploying detection tools and monitoring user behavior. The ideal candidate will have at least 10 years of experience in information security... 
    Suggested

    Early Warning

    Scottsdale, AZ
    4 days ago
  •  ...looking for an experienced cybersecurity professional to lead development and optimization of detection and response capabilities. The role involves collaboration with Cyber Threat Intelligence and Advanced Cyber Engineering teams and includes duties like creating automation... 
    Suggested

    Ahold Delhaize

    Quincy, MA
    1 day ago
  • Benesch is seeking a SOC/Incident Response Engineer in Columbus. Hybrid with work-from-home flexibility, you will detect, investigate, and respond to cybersecurity incidents...  ...to minimize impact. Responsibilities include threat detection, forensics, malware triage, and... 
    Suggested
    Work from home

    Benesch

    Columbus, OH
    4 days ago
  • Early Warning Services is seeking a Staff Insider Threat Engineer to detect, triage, and respond to insider threats in a hybrid work environment across major U.S. cities. You will lead deployment and tuning of threat tools, analyze incidents, and collaborate with CSIRT... 
    Suggested

    Dormont Manufacturing Company

    Scottsdale, AZ
    1 day ago
  • $101.9k - $132.8k

    Role Description We are looking for a savvy, high-performing Threat Detection Engineer who will be responsible for the day-to-day management of company-wide information security toolsets and the protection of Blackbaud’s and Client’s information. Security Engineers diligently... 
    Suggested
    Full time
    Remote work
    Flexible hours

    Blackbaud

    Remote
    7 days ago
  • $158k - $198k

    Early Warning is seeking a Staff Insider Threat Engineer based in San Francisco, CA. This role is integral in detecting and responding to insider threats by working collaboratively with teams across the organization. The position requires a minimum of 10 years of information... 

    Early Warning Services

    San Francisco, CA
    4 days ago
  • $100k - $145k

     ...passionate professional to analyze intrusions, threat campaigns, and malware, and to drive...  ...them by implementing robust behavioral detection coverage on the Falcon sensor platform....  ...collaborate across threat intelligence, engineering, and operational teams. You will be... 
    Permanent employment
    Work experience placement
    Work at office
    Local area
    2 days per week
    3 days per week

    CrowdStrike

    Austin, TX
    4 days ago
  • United Airlines is seeking a Senior Analyst for Insider Threat operations focused on enhancing detection capabilities in cybersecurity. The role requires a bachelor's degree and at least 3 years of STEM-related experience, emphasizing insider threat methodologies and behavioral... 

    United Airlines

    Chicago, IL
    1 day ago
  • $260k - $405k

    A leading AI research company in San Francisco is hiring a Security Engineer to build and secure transformational AI technologies. Responsibilities...  ...include innovating detection infrastructure, collaborating...  ...teams, and managing insider threat projects. Ideal candidates... 

    OpenAI

    San Francisco, CA
    15 hours ago
  • $2,000 per month

    Join to apply for the Senior Threat Detection Engineer role at Miro Join to apply for the Senior Threat Detection Engineer role at Miro About The...  ...engineering teams to enhance their security practices and leading and coordinating responses during security incidents. CSDR... 
    Full time
    Internship
    Work at office
    Remote work
    Work from home
    Worldwide
    Flexible hours

    Miro

    Austin, TX
    4 days ago
  •  ...focusing on internal red teaming, attack simulation, and threat and detection engineering within the Security Assurance team. This role ensures our...  ...continuous validation and threat-informed operations. You will lead adversary simulations, purple-team exercises, and red-team... 

    ONEOK, Inc

    Dallas, TX
    1 day ago
  • $140k - $150k

    SecurityScorecard is seeking an engineering counterpart to the STRIKE Threat Intelligence team. The successful candidate will transform research outputs into production-ready artifacts, such as detection rules and distribution feeds. This role requires 5 to 8 years of engineering... 

    SecurityScorecard

    Washington DC
    4 days ago
  • MartinFed is seeking a SIEM Detection Engineer to develop, tune, and maintain detection content in Splunk ES for government missions. You will...  ...use cases aligned to MITRE ATT&CK, while incorporating threat intelligence and minimizing noise. Collaboration with analysts... 

    MartinFed

    Washington DC
    4 days ago
  • Nordstrom is seeking a Senior Security Engineer to join their team in Seattle. The individual will focus on detection engineering, threat hunting, and incident response, requiring expertise in developing high-fidelity detection rules and collaborating with various teams... 

    Nordstrom

    Seattle, WA
    4 days ago
  • TekSynap is seeking a Cybersecurity Engineer for their Columbus, Ohio office. The successful candidate will develop threat detection use cases and enhance SIEM functionality. Candidates must have at least five years of relevant IT experience including specific experience... 
    Work at office

    TekSynap

    Columbus, OH
    4 days ago
  • $190k - $260k

    Insider Threat Detection Engineer Location: New York Business Area: Legal, Compliance, and Risk Ref #: 10051993 Description & Requirements What’s the role? The Staff Risk and Investigations team within Bloomberg’s Chief Information Security Office (CISO) is responsible... 
    Temporary work
    For contractors
    Work experience placement
    Work at office

    Bloomberg

    New York, NY
    6 hours ago
  •  ...Citizens Bank seeks a skilled professional for an Information Security role specializing in detection engineering. This remote position offers the opportunity to enhance threat detection capabilities using advanced security tools. The ideal candidate will have significant... 
    Remote job

    First Citizens Bank

    Scottsdale, AZ
    1 day ago
  •  ...Security programs. This remote position involves performing threat detection, analysis, and mitigation to protect the Bank's networks. The...  ...candidate will have significant experience in detection engineering and proficiency with tools like Splunk and CrowdStrike. Strong... 
    Remote job

    First Citizens Bank

    Houston, TX
    1 day ago
  •  ...Principal TDR Analyst to serve as a subject matter expert in threat detection and incident response with a global footprint across NA,...  ...candidate brings a strong background in systems and network engineering, holds advanced cybersecurity certifications (e.g., GCIH, GCFA... 

    FALL CREEK FARM & NURSERY

    Dallas, TX
    4 days ago
  • SpaceX is seeking an experienced Platform Integrity Manager (Customer Integrity & Threat Detection Manager) to detect, disrupt, and investigate potential misuse of our services. The role focuses on safeguarding customer information and privacy while enforcing measures... 

    SPACE EXPLORATION TECHNOLOGIES CORP

    Bastrop, TX
    4 days ago
  • RB Global Inc. is seeking a Lead, Cybersecurity Operations to drive the growth of our global CSOC capabilities. The role combines...  ...hands-on technical leadership with strategic vision, overseeing threat detection, incident response, and continuous improvement of security... 

    RB Global Inc.

    Westchester, IL
    4 days ago
  • $160k - $185k

    The Cyber Detection and Response Team Lead will play a pivotal role in building and leading a world-class...  ..., investigate, and respond to cyber threats across the client’s environment. This...  ...with the client’s Security Engineering team to ensure detection and response... 

    Control-Risks

    San Francisco, CA
    9 days ago
  • Blackbaud is seeking a Sr. Manager of Cyber Threat Detection and Response to lead the detection engineering and incident response teams. Responsibilities include developing threat detection frameworks and managing incident response efforts across varied security operations... 
    Remote work
    Flexible hours

    Blackbaud

    New York, NY
    4 days ago
  • $70 - $95 per hour

    Join to apply for the Consultant - Threat Detection Engineer role at Kalles Group Base pay range $70.00/hr - $95.00/hr Everyone deserves to be secure...  ...seeking a senior Threat Detection Engineer Consultant to lead a focused insider threat and privileged access analysis... 
    Hourly pay
    Full time
    Temporary work
    Remote work

    Kalles Group

    Seattle, WA
    a month ago
  •  ...seeking a Security Operations Center (SOC) Engineer III to provide advanced cybersecurity...  ...and incident response support. You will lead efforts to strengthen security through effective...  ...of IT security experience, expertise in threat hunting, and strong knowledge in... 

    MartinFed

    Arlington, VA
    4 days ago
  • $160k - $250k

     ...In this role, you will bring your in‑depth knowledge of the Threat Detection market to help guide the evolution of CrowdStrike’s visibility...  ...the entire Falcon platform. You will work closely with engineering, researchers, product marketing, sales, support, and other product... 
    Work experience placement
    Work at office
    Local area
    Remote work
    Worldwide
    3 days per week
    1 day per week

    CrowdStrike

    Arlington, VA
    4 days ago
  •  ...and consumers. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend harnesses AI to...  ...week in office) TrendAI is hiring a Threat News Monitoring & Detection Lead to join the Threat Research Insights and Impact (TRII) team. TRII... 
    Temporary work
    H1b
    Work at office
    Flexible hours
    2 days per week

    TrendAI

    Austin, TX
    4 days ago
  • $70 - $95 per hour

    A nationwide IT consulting firm is looking for a senior Consultant - Threat Detection Engineer to lead insider threat analysis and privileged access assessments. You will investigate complex data environments, produce actionable recommendations, and work independently while... 
    Remote job
    Hourly pay
    Temporary work

    Kalles Group

    Seattle, WA
    4 days ago
  • $162.7k - $263.18k

    Palo Alto Networks, Inc. is seeking a Principal Security Researcher to enhance threat detection capabilities. You will lead projects aimed at improving coverage and effectiveness in security protections. In this hands-on leadership role, you will drive innovation and provide... 

    Palo Alto Networks, Inc.

    Santa Clara, CA
    1 day ago
  • SwiftCruit is hiring a full-time AI Security Engineer Specialist to work at the University of Miami Health System's IT Department....  ...operations. Responsibilities include leveraging AI tools for threat detection and incident response, collaborating with teams, and maintaining... 
    Full time

    SwiftCruit

    Miami, FL
    15 hours ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Lead Threat Detection Engineer. Be the first to apply!