Lead Threat Detection Engineer
$139k - $231.6kMcKesson
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.
What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you. McKesson's Lead Threat Detection Engineer will be a member of our global cyber threat intelligence, incident response, analytics, and engineering team responsible for advancing our detection capabilities and tools. This team is responsible for building detection content, enabling integration, automation, enrichment, and performance of alerts. This role enables speed, quality, and coverage of threats for security operations and reduces risk to McKesson business operations. Position Description/Responsibilities- Mature from a manual detection practice to a modern, automated, and standardized Detection-as-Code practice and infrastructure.
- Develop use-cases based on intelligence, red team results, and incident data
- Develop IOC workflows and a feedback loop for the Threat Intel Platform (TIP)
- Write detection and correlation rules to identify threats across our stack
- Assist in onboarding logs and identifying gaps in logs or alert results
- Develop a deep understanding of data models, macros, indexes, sources, and field alias and the technology foundation our detection stack is built
- Understand data schema/API standards, automation, and messaging systems
- Bring a metrics-driven mindset to our rules, signals (IOCs), and alerts
- Prioritize detection use-case and scope and create a logical rule
- Ability to prioritize decisions to either write a rule and/or tune a tool/policy
- Practical experience with threat Actor tracking, tactics, tools, and techniques and working closely with Intel, SOC, and Red Teams (Purple Teams)
- Ability to measure detection coverage across common frameworks (e.g. NIST CSF, MITRE, KC) and simplify rules and configurations to optimize alerts
- Ability to automate tasks via scripting, automating inputs and outputs of APIs, and programming skills such as python to enable detection engineering tasks
- Exceptional interpersonal, organizational, and communication skills and ability to internalize and exemplify Mckesson core values.
- Splunk SPL knowledge and SIEM experience or additional SIEM background
- 10+ years of professional experience in two or more domains, including: detection engineering, data engineering, incident response, threat hunting, threat intelligence.
- Bachelor's degree in computer science, Information Security, Security Engineering, Statistics, or Data Science
- Chronicle Experience, Splunk Certifications (1,2), Automation certifications (Security with Python SEC573), Sigma Rules
Vacancy posted 4 days ago
Similar jobs that could be interesting for youBased on the Lead Threat Detection Engineer in United States vacancy
- ...looking for an experienced cybersecurity professional to lead development and optimization of detection and response capabilities. The role involves collaboration with Cyber Threat Intelligence and Advanced Cyber Engineering teams and includes duties like creating automation...Suggested
- Early Warning Services is seeking a Staff Insider Threat Engineer to detect, triage, and respond to insider threats in a hybrid work environment across major U.S. cities. You will lead deployment and tuning of threat tools, analyze incidents, and collaborate with CSIRT...Suggested
$132k - $165k
Early Warning is seeking a Staff Insider Threat Engineer to enhance security measures in Scottsdale, with responsibilities including deploying detection tools and monitoring user behavior. The ideal candidate will have at least 10 years of experience in information security...Suggested- Benesch is seeking a SOC/Incident Response Engineer in Columbus. Hybrid with work-from-home flexibility, you will detect, investigate, and respond to cybersecurity incidents... ...to minimize impact. Responsibilities include threat detection, forensics, malware triage, and...SuggestedWork from home
$101.9k - $132.8k
Role Description We are looking for a savvy, high-performing Threat Detection Engineer who will be responsible for the day-to-day management of company-wide information security toolsets and the protection of Blackbaud’s and Client’s information. Security Engineers diligently...SuggestedFull timeRemote workFlexible hours$100k - $145k
...passionate professional to analyze intrusions, threat campaigns, and malware, and to drive... ...them by implementing robust behavioral detection coverage on the Falcon sensor platform.... ...collaborate across threat intelligence, engineering, and operational teams. You will be...Permanent employmentWork experience placementWork at officeLocal area2 days per week3 days per week- United Airlines is seeking a Senior Analyst for Insider Threat operations focused on enhancing detection capabilities in cybersecurity. The role requires a bachelor's degree and at least 3 years of STEM-related experience, emphasizing insider threat methodologies and behavioral...
$190k - $260k
Insider Threat Detection Engineer Location: New York Business Area: Legal, Compliance, and Risk Ref #: 10051993 Description & Requirements What’s the role? The Staff Risk and Investigations team within Bloomberg’s Chief Information Security Office (CISO) is responsible...Temporary workFor contractorsWork experience placementWork at office- TekSynap is seeking a Cybersecurity Engineer for their Columbus, Ohio office. The successful candidate will develop threat detection use cases and enhance SIEM functionality. Candidates must have at least five years of relevant IT experience including specific experience...Work at office
$158k - $198k
Early Warning is seeking a Staff Insider Threat Engineer based in San Francisco, CA. This role is integral in detecting and responding to insider threats by working collaboratively with teams across the organization. The position requires a minimum of 10 years of information...- MartinFed is seeking a SIEM Detection Engineer to develop, tune, and maintain detection content in Splunk ES for government missions. You will... ...use cases aligned to MITRE ATT&CK, while incorporating threat intelligence and minimizing noise. Collaboration with analysts...
- Nordstrom is seeking a Senior Security Engineer to join their team in Seattle. The individual will focus on detection engineering, threat hunting, and incident response, requiring expertise in developing high-fidelity detection rules and collaborating with various teams...
- ...Security programs. This remote position involves performing threat detection, analysis, and mitigation to protect the Bank's networks. The... ...candidate will have significant experience in detection engineering and proficiency with tools like Splunk and CrowdStrike. Strong...Remote job
- ...Citizens Bank seeks a skilled professional for an Information Security role specializing in detection engineering. This remote position offers the opportunity to enhance threat detection capabilities using advanced security tools. The ideal candidate will have significant...Remote job
$140k - $150k
SecurityScorecard is seeking an engineering counterpart to the STRIKE Threat Intelligence team. The successful candidate will transform research outputs into production-ready artifacts, such as detection rules and distribution feeds. This role requires 5 to 8 years of engineering...$260k - $405k
A leading AI research company in San Francisco is hiring a Security Engineer to build and secure transformational AI technologies. Responsibilities... ...include innovating detection infrastructure, collaborating... ...teams, and managing insider threat projects. Ideal candidates...$2,000 per month
Join to apply for the Senior Threat Detection Engineer role at Miro Join to apply for the Senior Threat Detection Engineer role at Miro About The... ...engineering teams to enhance their security practices and leading and coordinating responses during security incidents. CSDR...Full timeInternshipWork at officeRemote workWork from homeWorldwideFlexible hours- ...focusing on internal red teaming, attack simulation, and threat and detection engineering within the Security Assurance team. This role ensures our... ...continuous validation and threat-informed operations. You will lead adversary simulations, purple-team exercises, and red-team...
- ...Principal TDR Analyst to serve as a subject matter expert in threat detection and incident response with a global footprint across NA,... ...candidate brings a strong background in systems and network engineering, holds advanced cybersecurity certifications (e.g., GCIH, GCFA...
- Blackbaud is seeking a Sr. Manager of Cyber Threat Detection and Response to lead the detection engineering and incident response teams. Responsibilities include developing threat detection frameworks and managing incident response efforts across varied security operations...Remote workFlexible hours
$160k - $185k
The Cyber Detection and Response Team Lead will play a pivotal role in building and leading a world-class... ..., investigate, and respond to cyber threats across the client’s environment. This... ...with the client’s Security Engineering team to ensure detection and response...- RB Global Inc. is seeking a Lead, Cybersecurity Operations to drive the growth of our global CSOC capabilities. The role combines... ...hands-on technical leadership with strategic vision, overseeing threat detection, incident response, and continuous improvement of security...
- SpaceX is seeking an experienced Platform Integrity Manager (Customer Integrity & Threat Detection Manager) to detect, disrupt, and investigate potential misuse of our services. The role focuses on safeguarding customer information and privacy while enforcing measures...
$70 - $95 per hour
Join to apply for the Consultant - Threat Detection Engineer role at Kalles Group Base pay range $70.00/hr - $95.00/hr Everyone deserves to be secure... ...seeking a senior Threat Detection Engineer Consultant to lead a focused insider threat and privileged access analysis...Hourly payFull timeTemporary workRemote work- ...seeking a Security Operations Center (SOC) Engineer III to provide advanced cybersecurity... ...and incident response support. You will lead efforts to strengthen security through effective... ...of IT security experience, expertise in threat hunting, and strong knowledge in...
$70 - $95 per hour
A nationwide IT consulting firm is looking for a senior Consultant - Threat Detection Engineer to lead insider threat analysis and privileged access assessments. You will investigate complex data environments, produce actionable recommendations, and work independently while...Remote jobHourly payTemporary work- ...powered future.AI Fearlessly.Location: Austin, TX — Hybrid (2 days/week in office)Position Summary:TrendAI is hiring a Threat News Monitoring & Detection Lead to join the Threat Research Insights and Impact (TRII) team. TRII translates TrendAI’s threat research into...H1bWork at officeFlexible hours2 days per week
$160k - $250k
...In this role, you will bring your in‑depth knowledge of the Threat Detection market to help guide the evolution of CrowdStrike’s visibility... ...the entire Falcon platform. You will work closely with engineering, researchers, product marketing, sales, support, and other product...Work experience placementWork at officeLocal areaRemote workWorldwide3 days per week1 day per week$162.7k - $263.18k
Palo Alto Networks, Inc. is seeking a Principal Security Researcher to enhance threat detection capabilities. You will lead projects aimed at improving coverage and effectiveness in security protections. In this hands-on leadership role, you will drive innovation and provide...- SwiftCruit is hiring a full-time AI Security Engineer Specialist to work at the University of Miami Health System's IT Department.... ...operations. Responsibilities include leveraging AI tools for threat detection and incident response, collaborating with teams, and maintaining...Full time
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Lead Threat Detection Engineer. Be the first to apply!
Related searches
- lead sales engineer United States
- lead algorithm engineer United States
- lead gameplay engineer United States
- lead product engineer United States
- lead c# developer United States
- lead mobile developer United States
- lead integration engineer United States
- lead backend developer United States
- lead engineering technician United States
- lead test engineer United States

