Director, Cyber Detection & Response
Job in Springfield, Sangamon County, Illinois, 62762, USA
Listed on 2026-06-04
Listing for: Cardinal Health
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, IT Project Manager, Security Manager
Job Description & How to Apply Below
Cybersecurity Defense focuses heavily on threat detection, incident response, and implementing security measures to protect our digital assets and infrastructure at Cardinal Health. The _Director, Cyber Detection & Response_ is responsible for establishing, leading, and continuously enhancing cybersecurity detection, monitoring, and incident response capabilities to protect the organization from evolving cyber threats. Furthermore, this leader oversees Security Operations Center (SOC) operations, cyber threat detection, incident response, threat intelligence, and security testing functions to enable rapid identification, containment, and remediation of cybersecurity threats.
This role plays a critical role in driving proactive defense strategies, improving detection and response capabilities, and ensuring alignment with risk and resilience objectives.
**Location** - Open to candidates nationwide working in a fully remote capacity, with preference towards those based in Central or Eastern time zones (willingness to travel to our Corporate HQ in Dublin, OH during certain periods of the year is a plus).
**Responsibilities**
+ Develop and lead the cybersecurity detection and response strategy aligned with enterprise risk, threat landscape, and business priorities.
+ Establish governance frameworks and operating models for SOC, incident response, and threat management functions.
+ Serve as an advisor to leadership on threat trends, detection capabilities, and response readiness.
+ Drive continuous improvement of detection and response capabilities to address evolving threats and business needs.
+ Oversee SOC operations, including security logging, monitoring, alerting, and incident triage across the environment.
+ Oversee effective use of SIEM platforms to analyze correlated events, detect anomalies, and escalate potential incidents.
+ Lead the development and optimization of detection use cases, analytics, and monitoring strategies to improve visibility across the environment.
+ Oversee monitoring capabilities across IT and OT environments, ensuring coverage of critical systems and infrastructure.
+ Lead detection engineering and security tooling functions, including SIEM, SOAR, EDR, UEBA, and DLP capabilities.
+ Oversee the definition and implementation of use cases, rules, and configurations to improve automated detection, investigation, and response workflows.
+ Drive optimization and integration of security tools to enhance operational efficiency and reduce false positives.
+ Establish and lead threat intelligence capabilities to gather, analyze, and operationalize threat data from internal and external sources.
+ Oversee threat monitoring, analysis, and detection rule enhancement to proactively identify emerging threats.
+ Lead threat modeling activities to identify attack vectors, vulnerabilities, and control gaps across systems and processes.
+ Drive proactive threat hunting initiatives to identify hidden threats and indicators of compromise (IoCs) within the environment.
+ Lead enterprise incident response (IR) capabilities, including planning, testing, execution, and continuous improvement of IR processes.
+ Oversee incident response lifecycle activities including detection, triage, containment, eradication, and recovery.
+ Oversee incident response simulations and exercises to validate readiness and improve response effectiveness.
+ Enable effective coordination of incident response efforts across cybersecurity, IT, legal, and business stakeholders.
+ Manage breach notification processes and communication protocols for cybersecurity incidents.
+ Oversee digital forensics and investigative activities to determine the scope, root cause, and impact of cybersecurity incidents.
+ Ensure proper evidence collection, analysis, and documentation to support investigations and regulatory requirements.
+ Lead post-incident reviews and root cause analysis to strengthen detection and response capabilities.
+ Lead offensive and defensive security testing capabilities, including red teaming, penetration testing, and adversarial simulations.
+ Oversee blue team operations to detect, analyze, and respond to threats across enterprise environments.
+ Facilitate purple teaming activities to enhance collaboration between offensive and defensive teams and improve detection and response effectiveness.
+ Drive continuous improvement of security controls through testing, validation, and simulation exercises.
+ Collaborate with cybersecurity, IT, risk, legal, and business teams to integrate detection and response capabilities into enterprise operations.
+ Partner with architecture, engineering, and infrastructure teams to ensure detection and response requirements are embedded into system design and deployment.
+ Provide actionable insights and reporting to leadership on threat landscape, incident trends, and response effectiveness.
+ Support audit and regulatory activities by providing…