McKesson

Sr. Director, Cyber Threat Detection & Response

McKesson$172K — $286K *
Information Technology
11 - 15 years of experience
Job Overview by Ladders

Qualifications

  • 15+ years of cybersecurity experience, with 10+ years in leadership roles.
  • Hands-on experience with detection and response platforms (e.g., SIEM, EDR).
  • Proven ability to execute remediation strategies effectively across teams.
  • Strong executive communication skills to convey risk and progress to senior leadership.
  • Deep knowledge of telemetry, detection engineering, and security analytics.

Responsibilities

  • Define and lead the enterprise Threat Detection and Response strategy.
  • Establish executive-level metrics and drive continuous improvement based on outcomes.
  • Manage adoption and lifecycle of detection and response tools.
  • Coordinate with Security Operations and threat intelligence teams for effective detections.
  • Drive remediation governance to close systemic security gaps identified in incidents.
  • Collaborate on enterprise telemetry strategies to ensure reliable data for detections.
  • Develop and lead TDR talent through effective management and coaching.

Benefits

  • Access to a competitive total rewards package.
  • Professional development opportunities.
  • Potential for annual bonuses and long-term incentives.
  • Supportive work environment focused on health delivery innovations.
  • Opportunity to be part of a growing, independent company in the healthcare sector.
Full Job Description
Sr. Director, Cyber Threat Detection & Response

Location: Richmond, VA, USA - 9954 Mayland Drive (on-site)

The Opportunity

The Sr. Director, Threat Detection and Response (TDR) is responsible for leading a comprehensive enterprise capability that designs, implements, and operates scalable detection and response mechanisms while driving remediation of security gaps across technology environments (cloud, endpoints, identity, network, applications, and data platforms). This leader partners closely with the CISO organization, Technology Leadership, risk/compliance, and business stakeholders to prioritize investments, set standards, and ensure measurable improvements in detection fidelity, response readiness, and remediation throughput.

This role requires strong technical depth in threat detection and response as well as the leadership maturity to operate at the executive level. The Director establishes TDR strategy, roadmaps, and success metrics; governs an operating rhythm for detection coverage and remediation execution; and ensures outcomes are delivered across multiple teams (often via influence).

Key Responsibilities

  • Define and own the enterprise TDR strategy and operating model (detection engineering, alerting standards, response readiness, and remediation governance) aligned to business risk and technology priorities.
  • Establish and report executive-level metrics and scorecards (e.g., detection coverage, alert quality, MTTD/MTTR, response readiness, remediation SLAs, risk reduction) and drive continuous improvement based on outcomes.
  • Lead selection, adoption, and lifecycle management of detection and response tooling and telemetry (SIEM, EDR/XDR, SOAR, UEBA, threat intel integrations, cloud logging, and case management), including integration standards and data quality requirements.
  • Partner with Security Operations (SOC/CSIRT), threat intelligence, vulnerability management, and platform teams to ensure detections map to prioritized threats and that response playbooks and automation are effective and current.
  • Establish remediation governance to drive closure of systemic security gaps identified through incidents, threat hunting, purple teaming, and control validation; ensure clear ownership, prioritization, timelines, and exception processes.
  • Drive enterprise telemetry and logging strategy in partnership with engineering and infrastructure: ensure critical systems are instrumented, logs are retained appropriately, and detections can be built and tuned against reliable data sources.
  • Lead and develop TDR talent (leaders, detection engineers, analysts) through hiring, coaching, performance management, and capability development; ensure teams have the training, tools, and operating discipline required for success.
  • Manage cross-functional stakeholder relationships and communications (Technology leaders, risk/compliance, audit, legal/privacy as needed), translating technical risk into business impact and driving alignment on funding, priorities, and delivery commitments.
  • Provide governance for incident and post-incident remediation: ensure lessons learned translate into durable control improvements, and conduct regular exercises/tabletops to validate readiness and benchmark progress.


Minimum Requirements

  • Degree or equivalent experience. Typically requires 15+ years of professional experience and 10+ years of diversified leadership, planning, communication, organization, and people motivation skills (or equivalent experience).


Skills and Qualifications:

  • 15+ years of cybersecurity experience with significant depth in threat detection, incident response, and security operations, including 10+ years leading teams and/or enterprise programs.
  • Hands-on and leadership experience with detection and response platforms and practices (SIEM content engineering, EDR/XDR, SOAR automation, threat intel integration, logging/telemetry pipelines, and case management).
  • Proven ability to drive remediation outcomes at scale establishing SLAs, clarifying ownership, prioritizing backlogs, and closing systemic gaps surfaced by incidents, hunts, and assessments.
  • Executive-ready communication and stakeholder management skills, including the ability to present risk, progress, and investment needs to senior leadership and influence decisions
  • Demonstrated ability to set strategy, secure organizational alignment/approvals, and deliver outcomes through multiple stakeholders (Security, Infrastructure, Cloud, Application/Product, and business teams).
  • Deep understanding of detection engineering, telemetry pipelines, and security analytics: SIEM content engineering, EDR/XDR detections, SOAR automation, threat intelligence integration, alert triage models, and case management workflows.
  • Strong risk communication skills: able to translate detection gaps and remediation tradeoffs into business impact, present to executives, and drive decisions to closure.
  • Experience establishing oversight metrics and operational rhythms (OKRs/KPIs, reporting, service reviews) and using data to improve alert quality, reduce noise, and accelerate remediation throughput.
  • Working knowledge of relevant governance and regulatory expectations and the ability to partner effectively with audit/compliance and privacy stakeholders while operating an effective detection and response capability.
  • Track record of building high-performing teams and leading with integrity, accountability, and operational discipline; known for clear communication, sound judgment, and reliable execution.
  • Experience developing multi-year roadmaps and influencing investment decisions (people, tooling, telemetry, automation) to improve enterprise detection and remediation outcomes.
  • Proven capability managing vendor relationships and service contracts for security tooling and managed services, including defining requirements and measuring performance against outcomes.
  • Strong understanding of privacy considerations and appropriate monitoring practices; able to partner with Legal/Privacy and HR as needed and ensure monitoring and investigations remain within policy and regulatory boundaries.
  • Experience operating in hybrid/cloud environments and partnering with platform teams to instrument systems (cloud logging, identity signals, endpoint telemetry, network data) for reliable detections.
  • Strong strategic and tactical decision-makingable to balance speed and risk, define compensating controls, and drive complex remediation decisions across multiple owners.
  • Experience leading or sponsoring purple team activities, tabletop exercises, and control validation to continuously improve detection coverage and response playbooks.
  • Trusted leader who builds credibility with executives and teams through transparency, follow-through, and a strong culture of operational excellence.


Education Requirements

  • Bachelors degree in computer science, information security/assurance, engineering, or a related field; advanced degree preferred or equivalent experience.


Certification Requirements

  • Relevant certifications (preferred): CISSP, CISM, GIAC/SANS, +, SSCP, or equivalent foundational security certification. TDR/SecOps certifications (a plus): Google Cloud Professional Cloud Security Engineer and/or Associate Cloud Engineer, Google Professional Cloud DevOps Engineer, and/or GIAC certifications (e.g., GSEC, GCIH) depending on role focus. and/or cloud/security engineering certifications aligned to the teams platforms.


About Medical-Surgical

McKesson Medical-Surgical (MMS) is a subsidiary and publicly reported segment of the McKesson Corporation. MMS distributes medical-surgical supplies, pharmaceuticals, diagnostic equipment and supplies, along with other solutions and services to virtually every type of healthcare setting and provider outside of the traditional hospital. These markets - often referred to as Alternate Care or Non-Acute Care - include physician offices, surgery centers, long-term care providers, laboratories, home health and hospice agencies, health systems, government facilities and online marketplaces and retailers.

Alternate Care markets are growing rapidly and MMS is proud to be a leader in this space. With a team of approximately 8,000 employees, a network of 15 distribution centers and approximately 900 delivery vehicles, we partner with more than 2,200 leading manufacturers and serve over 200,000 customer accounts across the U.S. Our catalog includes more than 280,000 SKUs of branded and private-label medical-surgical products - from bandages to specialty pharmaceuticals and COVID-19 tests.

Looking Ahead : A New Chapter for MMS

McKesson has announced its intent to separate MMS into an independent company - an exciting evolution that builds on MMS's strong foundation and proven leadership in the Alternate Care space. As a standalone company, MMS would be positioned to unlock new opportunities to innovate, grow and lead with even greater agility and focus. We will also continue to be one of the largest medical-surgical distributors in the U.S., with over $11B in annual sales. This separation would accelerate our mission and empower us to shape a future defined by customer-centricity, bold thinking and operational excellence. For job seekers, it's a unique moment to join a team that's already making a meaningful impact and leading the way in shaping the future of healthcare delivery in Alternate Care settings - with even greater opportunity ahead as we prepare to become an independent company.

Career Level - M5

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, please click here.

Our Base Pay Range for this position

$172,000 - $286,600

McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson's (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:

McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.

McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.

McKesson job postings are posted on our career site: careers.mckesson.com.

About McKesson

McKesson Corporation provides medicines, pharmaceutical supplies, information and care management products and services across the healthcare industry. The Company operates in two segments. The McKesson Distribution Solutions segment delivers ethical drugs, medical-surgical supplies and equipment and health and beauty care products throughout North America. This segment also provides specialty pharmaceutical solutions for biotech and pharmaceutical manufacturers, sells financial, operational and clinical solutions for pharmacies (retail, hospital, long-term care) and provides consulting, outsourcing and other services. The McKesson Technology Solutions segment delivers enterprise-wide clinical, patient care, financial, supply chain, strategic management and software solutions. In July 2011, the Company acquired Portico Systems from Safeguard Scientifics, Inc. On March 25, 2012, it acquired the independent banner and franchise businesses of Katz Group Canada Inc. McKesson Distribution Solutions delivers pharmaceuticals to retail pharmacies and institutional providers like hospitals and health systems. They operate pharmaceutical distribution centers across the country, serving customers in all 50 states. They also deliver a comprehensive offering of health care products, technology, equipment and related services to the alternate site market, including physician offices, surgery centers, long-term care facilities and home care businesses across the country. McKesson is currently the largest pharmaceutical distributor in North America. McKesson also operates McKesson Canada and has an equity holding in Nadro, a leading distributor in Mexico.

McKesson Careers

Join McKesson, a leading global healthcare company, and be part of a team that is redefining the future of healthcare. With a variety of job opportunities available, McKesson is the perfect place to advance your career, whether you're a seasoned professional or just starting out. Work You’ll Do At McKesson, we are committed to improving care in every setting—one product, one partner, one patient at a time. We’re seeking talented professionals to join our team and contribute to a culture of innovation, diversity, and leadership. Our employees are driven by a deep sense of purpose and a desire for continuous growth and improvement. Empower Your Future in Healthcare With positions ranging from internships to leadership roles, McKesson offers unparalleled employment opportunities to develop your skills and advance your career. Our commitment to diversity training ensures that all team members have the opportunity to thrive. Join a team where your skills will be honed, your professional growth will be supported, and where you can genuinely see the difference you make in the lives of patients around the world. Innovative Work Environment McKesson is at the forefront of healthcare innovation. Our team is constantly exploring new ways to improve patient outcomes and streamline care processes. This commitment to innovation is what sets us apart and what makes McKesson an exciting place to work. Career Development and Benefits McKesson believes in nurturing the potential of its employees through robust career development programs and comprehensive benefits designed to support your life and well-being. From leadership training to health and wellness benefits, we ensure our team members are equipped to meet their professional and personal goals. Explore Job Opportunities Whether you’re looking for an internship to kickstart your career, or a senior position to utilize your extensive experience, McKesson offers a range of opportunities. Explore our open positions and find where you can make a difference at McKesson. Stay Connected Join Our Team Search for open positions that match your skills and interests. We are looking for passionate, curious, and solution-driven team players who are ready to take the next step in their careers. Keep Up to Date Stay ahead with career tips, insider perspectives, and industry-leading insights you can put to use today—all from the people who work here. Networking and Professional Growth At McKesson, networking and professional growth are part of our everyday environment. We encourage our employees to connect, share, and learn from each other to foster personal and professional development. Job Alert Emails Personalize your subscription to receive job alerts, latest news, and insider tips tailored to your preferences. Discover the exciting and rewarding career opportunities that await you at McKesson. Join McKesson today and be part of a team that is dedicated to shaping the future of healthcare.
Learn more about McKesson
Size
58,000 employees
Market Cap
$53.7 billion
Industry
Net Income
-$4.1 billion
Founded
1833
5 Year Trend
+5.9%
Revenue
$237.6 billion
NASDAQ

Similar Jobs

More Jobs at McKesson

More Information Technology Jobs

Find similar Sr. Director, Cyber Threat Detection & Response jobs: