1

Detection Engineer Jobs in Virginia (NOW HIRING)

System Security Engineer LOCATION Reston, VA 20190 CLEARANCE TS/SCI Full Poly (Please note this ... Proficiency in configuring firewalls and intrusion detection systems * Strong knowledge of ...

System Security Engineer LOCATION Chantilly, VA 20151 CLEARANCE TS/SCI Full Poly (Please note this ... Proficiency in configuring firewalls and intrusion detection systems * Strong knowledge of ...

System Security Engineer LOCATION Tysons, VA 22182 CLEARANCE TS/SCI Full Poly (Please note this ... Proficiency in configuring firewalls and intrusion detection systems * Strong knowledge of ...

Partnering closely with data scientists, detection engineers, analysts, and other InfoSec teams, you will deliver trusted, governed data assets that enable automation, AI-driven analytics, and high ...

next page

Showing results 1-20

Detection Engineer information

See Virginia salary details

$10.7K

$152.1K

$187.2K

How much do detection engineer jobs pay per year?

As of Jul 15, 2026, the average yearly pay for detection engineer in Virginia is $152,103.00, according to ZipRecruiter salary data. Most workers in this role earn between $139,072.00 and $167,761.00 per year, depending on experience, location, and employer.

What does a Detection Engineer do?

A Detection Engineer is responsible for identifying, analyzing, and mitigating security threats by developing detection rules, monitoring security systems, and responding to potential incidents. They work with security tools like SIEMs, EDRs, and IDS/IPS to detect malicious activity and improve threat detection capabilities. Additionally, they collaborate with security teams to enhance defensive strategies and automate detection processes.

What kind of projects or tasks does a Detection Engineer typically work on?

As a Detection Engineer, you can expect to work on designing, implementing, and refining security detection strategies to identify potential threats and vulnerabilities in company systems. Daily responsibilities often include developing detection logic, analyzing security alerts, conducting threat hunting exercises, and collaborating with incident response teams. You may also work closely with other cybersecurity professionals to evaluate the effectiveness of existing security measures and recommend improvements. This dynamic environment offers opportunities to work on complex technical challenges while directly contributing to the organization’s overall security posture.

What are the key skills and qualifications needed to thrive in the Detection Engineer position, and why are they important?

To thrive as a Detection Engineer, you need strong analytical skills, a solid understanding of cybersecurity principles, and experience with threat detection and response, often supported by a degree in computer science or a related field. Proficiency with security information and event management (SIEM) tools, intrusion detection/prevention systems, and certifications like GIAC or CISSP are commonly required. Attention to detail, proactive problem-solving abilities, and effective communication enhance effectiveness in this role. These skills are crucial as Detection Engineers must accurately identify security threats, collaborate with teams, and minimize potential risks to the organization.

What are the most commonly searched types of Detection Engineer jobs in Virginia? The most popular types of Detection Engineer jobs in Virginia are:
What cities in Virginia are hiring for Detection Engineer jobs? Cities in Virginia with the most Detection Engineer job openings:
Infographic showing various Detection Engineer job openings in Virginia as of July 2026, with employment types broken down into 92% Full Time, 5% Part Time, and 3% Contract. Highlights an 91% Physical, 2% Hybrid, and 7% Remote job distribution, with an average salary of $152,103 per year, or $73.1 per hour.
Sr. Director, Cyber Threat Detection & Response

Sr. Director, Cyber Threat Detection & Response

McKesson

Richmond, VA • On-site

$109K - $148K/yr

Full-time

Posted 15 days ago


McKesson rating

7.9

Company rating: 7.9 out of 10

Based on 208 frontline employees who took The Breakroom Quiz

41st of 74 rated pharmaceutical


Job description

McKesson is an impact-driven, Fortune 10 company that touches virtually every aspect of healthcare. We are known for delivering insights, products, and services that make quality care more accessible and affordable. Here, we focus on the health, happiness, and well-being of you and those we serve - we care.

What you do at McKesson matters. We foster a culture where you can grow, make an impact, and are empowered to bring new ideas. Together, we thrive as we shape the future of health for patients, our communities, and our people. If you want to be part of tomorrow's health today, we want to hear from you.

Sr. Director, Cyber Threat Detection & Response

Location: Richmond, VA, USA - 9954 Mayland Drive (on-site)

The Opportunity


The Sr. Director, Threat Detection and Response (TDR) is responsible for leading a comprehensive enterprise capability that designs, implements, and operates scalable detection and response mechanisms while driving remediation of security gaps across technology environments (cloud, endpoints, identity, network, applications, and data platforms). This leader partners closely with the CISO organization, Technology Leadership, risk/compliance, and business stakeholders to prioritize investments, set standards, and ensure measurable improvements in detection fidelity, response readiness, and remediation throughput.

This role requires strong technical depth in threat detection and response as well as the leadership maturity tooperateat the executive level. The DirectorestablishesTDR strategy, roadmaps, and success metrics; governs an operating rhythm for detection coverage and remediation execution; and ensures outcomes are delivered across multiple teams (often via influence).

Key Responsibilities

  • Define and own the enterprise TDR strategy and operating model (detection engineering, alerting standards, response readiness, and remediation governance) aligned to business risk and technology priorities.

  • Establish and report executive-level metrics and scorecards (e.g., detection coverage, alert quality, MTTD/MTTR, response readiness, remediation SLAs, risk reduction) and drive continuous improvement based on outcomes.

  • Leadselection, adoption, and lifecycle management of detection and response tooling and telemetry (SIEM, EDR/XDR, SOAR, UEBA, threat intel integrations, cloud logging, and case management), including integration standards and data quality requirements.

  • Partner with Security Operations (SOC/CSIRT), threat intelligence, vulnerability management, and platform teams to ensure detections map to prioritized threats and that response playbooks and automation are effective and current.

  • Establish remediation governance to drive closure of systemic security gapsidentifiedthrough incidents, threat hunting, purple teaming, and control validation; ensure clear ownership, prioritization, timelines, and exception processes.

  • Drive enterprise telemetry and logging strategy in partnership with engineering and infrastructure: ensure critical systems are instrumented, logs areretainedappropriately, and detections can be built and tuned against reliable data sources.

  • Lead and develop TDR talent (leaders, detection engineers, analysts) through hiring, coaching, performance management, and capability development; ensure teams have the training, tools, and operating disciplinerequiredfor success.

  • Manage cross-functional stakeholder relationships and communications (Technology leaders, risk/compliance, audit, legal/privacy as needed), translating technical risk into business impact and driving alignment on funding, priorities, and delivery commitments.

  • Provide governance for incident and post-incident remediation: ensure lessons learned translate into durable controlimprovements, andconduct regular exercises/tabletops tovalidatereadiness and benchmark progress.


Minimum Requirements

  • Degree or equivalentexperience. Typically requires15+ years of professionalexperience and 10+ years ofdiversified leadership, planning,communication, organization,and people motivation skills (orequivalent experience).

Skills and Qualifications:

  • 15+ years of cybersecurity experience with significant depth in threat detection, incident response, and security operations, including 10+ years leading teams and/or enterprise programs.

  • Hands-on and leadership experience with detection and response platforms and practices (SIEM content engineering, EDR/XDR, SOAR automation, threat intel integration, logging/telemetry pipelines, and case management).

  • Proven ability to drive remediation outcomes atscale establishingSLAs, clarifying ownership, prioritizing backlogs, and closing systemic gaps surfaced by incidents, hunts, and assessments.

  • Executive-ready communication and stakeholder management skills, including the ability to present risk, progress, and investment needs to senior leadership and influence decisions

  • Demonstrated ability to set strategy, secure organizational alignment/approvals, and deliver outcomes through multiple stakeholders (Security, Infrastructure, Cloud, Application/Product, and business teams).

  • Deep understanding of detection engineering, telemetry pipelines, and security analytics: SIEM content engineering, EDR/XDR detections, SOAR automation, threat intelligence integration, alert triage models, and case management workflows.

  • Strong risk communication skills: able to translate detection gaps and remediation tradeoffs into business impact, present to executives, and drive decisions to closure.

  • Experienceestablishingoversight metrics and operational rhythms (OKRs/KPIs, reporting, service reviews) and using data to improve alert quality, reduce noise, and accelerate remediation throughput.

  • Working knowledge of relevant governance and regulatory expectations and the ability to partner effectively with audit/compliance and privacy stakeholders whileoperatingan effective detection and response capability.

  • Track recordof building high-performing teams and leading with integrity, accountability, and operational discipline; known for clear communication, sound judgment, and reliable execution.

  • Experience developing multi-year roadmaps and influencing investment decisions (people, tooling, telemetry, automation) to improve enterprise detection and remediation outcomes.

  • Proven capability managing vendor relationships and service contracts for security tooling and managed services, including defining requirements and measuring performance against outcomes.

  • Strong understanding of privacy considerations andappropriate monitoringpractices; able to partner with Legal/Privacy and HR as needed and ensure monitoring and investigationsremainwithin policy and regulatory boundaries.

  • Experienceoperatingin hybrid/cloud environments and partnering with platform teams to instrument systems (cloud logging, identity signals, endpoint telemetry, network data) for reliable detections.

  • Strong strategic and tactical decision-makingableto balance speed and risk, define compensating controls, and drive complex remediation decisions across multiple owners.

  • Experience leading or sponsoring purple team activities, tabletop exercises, and control validation to continuously improve detection coverage and response playbooks.

  • Trusted leader who builds credibility with executives and teams through transparency, follow-through, and a strong culture of operational excellence.

Education Requirements

  • Bachelorsdegree in computer science, information security/assurance, engineering, ora relatedfield; advanced degree preferred or equivalent experience.

.

Certification Requirements

  • Relevant certifications (preferred): CISSP, CISM, GIAC/SANS, +, SSCP, or equivalent foundational security certification. TDR/SecOps certifications (a plus): Google Cloud Professional Cloud Security Engineer and/or Associate Cloud Engineer, Google Professional Cloud DevOps Engineer, and/or GIAC certifications (e.g., GSEC, GCIH) depending on role focus. and/or cloud/security engineering certifications aligned to theteamsplatforms.

About Medical-Surgical

McKesson Medical-Surgical (MMS) is a subsidiary and publicly reported segment of the McKesson Corporation. MMS distributes medical-surgical supplies, pharmaceuticals, diagnostic equipment and supplies, along with other solutions and services to virtually every type of healthcare setting and provider outside of the traditional hospital. These markets - often referred to as Alternate Care or Non-Acute Care - include physician offices, surgery centers, long-term care providers, laboratories, home health and hospice agencies, health systems, government facilities and online marketplaces and retailers.

Alternate Care markets are growing rapidly and MMS is proud to be a leader in this space. With a team of approximately 8,000 employees, a network of 15 distribution centers and approximately 900 delivery vehicles, we partner with more than 2,200 leading manufacturers and serve over 200,000 customer accounts across the U.S. Our catalog includes more than 280,000 SKUs of branded and private-label medical-surgical products - from bandages to specialty pharmaceuticals and COVID-19 tests.

Looking Ahead: A New Chapter for MMS

McKesson has announced its intent to separate MMS into an independent company - an exciting evolution that builds on MMS's strong foundation and proven leadership in the Alternate Care space. As a standalone company, MMS would be positioned to unlock new opportunities to innovate, grow and lead with even greater agility and focus. We will also continue to be one of the largest medical-surgical distributors in the U.S., with over $11B in annual sales. This separation would accelerate our mission and empower us to shape a future defined by customer-centricity, bold thinking and operational excellence. For job seekers, it's a unique moment to join a team that's already making a meaningful impact and leading the way in shaping the future of healthcare delivery in Alternate Care settings - with even greater opportunity ahead as we prepare to become an independent company.

Career Level - M5

We are proud to offer a competitive compensation package at McKesson as part of our Total Rewards. This is determined by several factors, including performance, experience and skills, equity, regular job market evaluations, and geographical markets. The pay range shown below is aligned with McKesson's pay philosophy, and pay will always be compliant with any applicable regulations. In addition to base pay, other compensation, such as an annual bonus or long-term incentive opportunities may be offered. For more information regarding benefits at McKesson, pleaseclick here.

Our Base Pay Range for this position

$172,000 - $286,600

McKesson has become aware of online recruiting-related scams in which individuals who are not affiliated with or authorized by McKesson are using McKesson's (or affiliated entities, like CoverMyMeds or RxCrossroads) name in fraudulent emails, job postings or social media messages. In light of these scams, please bear the following in mind:
McKesson Talent Advisors will never solicit money or credit card information in connection with a McKesson job application.


McKesson Talent Advisors do not communicate with candidates via online chatrooms or using email accounts such as Gmail or Hotmail. Note that McKesson does rely on a virtual assistant (Gia) for certain recruiting-related communications with candidates.

McKesson job postings are posted on our career site: careers.mckesson.com.

McKesson is an Equal Opportunity Employer

McKesson provides equal employment opportunities to applicants and employees, without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, disability, age, genetic information, or any other legally protected category. For additional information on McKesson's full Equal Employment Opportunity policies, visit our Equal Employment Opportunity page.

McKesson is committed to being an Equal Employment Opportunity Employer and offers opportunities to all job seekers including job seekers with disabilities. If you need a reasonable accommodation to assist with your job search or application for employment, please contact us by sending an email to (United States) Disability_Accommodation@McKesson.com or (Canada) Accessibility@mckesson.ca. Resumes or CVs submitted to this email box will not be accepted.

Join us at McKesson!


What McKesson employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom