Lead Threat Detection Engineer
$139k - $231.6k
McKesson
McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.
What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.
McKesson's Lead Threat Detection Engineer will be a member of our global cyber threat intelligence, incident response, analytics, and engineering team responsible for advancing our detection capabilities and tools. This team is responsible for building detection content, enabling integration, automation, enrichment, and performance of alerts. This role enables speed, quality, and coverage of threats for security operations and reduces risk to McKesson business operations.
Position Description/Responsibilities
- Mature from a manual detection practice to a modern, automated, and standardized Detection-as-Code practice and infrastructure.
- Develop use-cases based on intelligence, red team results, and incident data
- Develop IOC workflows and a feedback loop for the Threat Intel Platform (TIP)
- Write detection and correlation rules to identify threats across our stack
- Assist in onboarding logs and identifying gaps in logs or alert results
- Develop a deep understanding of data models, macros, indexes, sources, and field aliases, and of the technology foundation on which our detection stack is built
- Understand data schema/API standards, automation, and messaging systems
- Bring a metrics-driven mindset to our rules, signals (IOCs), and alerts
- Prioritize and scope detection use-cases and create logical rules
- Ability to prioritize decisions to either write a rule and/or tune a tool/policy
- Practical experience with threat actor tracking, tactics, tools, and techniques and working closely with Intel, SOC, and Red Teams (Purple Teams)
- Ability to measure detection coverage across common frameworks (e.g. NIST CSF, MITRE, KC) and simplify rules and configurations to optimize alerts
- Ability to automate tasks via scripting, automating inputs and outputs of APIs, and programming skills such as Python to enable detection engineering tasks
- Exceptional interpersonal, organizational, and communication skills and ability to internalize and exemplify McKesson core values.
- Splunk SPL knowledge and SIEM experience or additional SIEM background
- 10+ years of professional experience in two or more domains, including: detection engineering, data engineering, incident response, threat hunting, threat intelligence.
- Bachelor's degree in computer science, Information Security, Security Engineering, Statistics, or Data Science
- Chronicle Experience, Splunk Certifications (1,2), Automation certifications (Security with Python SEC573), Sigma Rules
Vacancy posted 4 days ago

