Senior Cyber Intelligence & Threat Hunting Specialist
Why join us?
An award-winning culture! We are rated a Top Workplace by the Chicago Tribune (past 12 years) and Employee Recommended award by the Globe & Mail (past 6 years)
Competitive pay and discretionary or incentive bonus eligible
Comprehensive benefit package including medical, dental, vision, life, a 401k plan with a generous company match and tuition reimbursement to name a few
Promote from within culture
Why join this team?
This position has the opportunity to interface with and have a positive impact on multiple areas of Wintrust's business
We hold ourselves accountable to high standards, share wins, operate ethically, and have fun
What You’ll Do
The Senior Cyber Intelligence & Threat Hunting Specialist leads the integration of enterprise threat intelligence into proactive detection and risk reduction strategies
This role drives intelligence-led security operations by translating adversary tactics, techniques, and procedures into measurable detection enhancements and control improvements across the Wintrust environment
Operating with a high degree of autonomy, the specialist strengthens the organization’s ability to identify emerging threats, reduce detection gaps, and provide executive-ready intelligence that informs strategic security decisions
- Develop and test analytical hypotheses to anticipate adversary behavior, emerging TTPs, and threat trends targeting financial institutions
- Conduct structured TTP analysis using frameworks such as MITRE ATT&CK to map adversary tradecraft to Wintrust’s environment and control coverage
- Partner with Security Engineering, SOC, Fraud, Insider Threat, and Physical Security to operationalize intelligence into detection logic, monitoring enhancements, and mitigation strategies
- Develop and maintain CrowdStrike Overwatch-aligned coverage, ensuring known threat actor TTPs are actively monitored
- Build and manage internal threat hunting playbooks, translating intelligence findings into repeatable hunt packages and detection logic
- Define and manage an intelligence communication cadence, including who receives which products, in what format, and how often
- Identify, evaluate, and onboard intelligence sources across open source and commercial feeds relevant to financial sector threats
- Maintain and update the collection inventory, ensuring sources remain current, accurate, and aligned to organizational intelligence requirements
Qualifications
- Bachelor’s degree or equivalent
- 7+ years of experience in information security with 5+ years specializing in Threat Intelligence or Threat hunting
- Demonstrated experience translating adversary TTPs into operational detection logic
- Strong understanding of financial-sector threat actors, fraud typologies, and insider risk indicators targeting banking institutions
- Experience producing executive-level threat briefings that clearly articulate business impact, exposure, and recommended action
- Demonstrated ability to operate independently, exercise sound judgment, and influence cross-functional stakeholders in a regulated environment
- Proven ability to conduct hypothesis-driven threat hunting and telemetry correlation across endpoint, network, identity, and cloud environments
- Experience integrating external intelligence into enterprise risk assessments and control enhancements