Jobs · Engineering · Illinois

Senior Engineer - Threat Hunting

Cboe Global Markets · Chicago, IL · 2 wk ago
HybridEngineering$131k–$169k/yrFull-time

Role Overview

The Senior Engineer Threat Hunting will be a senior individual contributor within Cboe’s Security Operations organization, responsible for defining, advancing, and executing the enterprise approach to detection engineering, threat hunting, and adversary emulation.

This role focuses on building and maturing detection capabilities across platforms such as SIEM, EDR, identity, cloud, and SaaS environments, ensuring detections are resilient, scalable, and aligned to real-world adversary behavior.

Owning the Enterprise Detection Engineering Capability

  • Owning the enterprise detection engineering capability end-to-end, including standards, patterns, quality bars, and long-term technical direction
  • Designing, implementing, and reviewing high-fidelity detections across endpoint, identity, cloud, network, and SaaS environments

Threat Hunting and Adversary Emulation

  • Leading complex, hypothesis-driven threat hunts that address ambiguous, cross-organizational risk and novel attacker behavior
  • Partnering with internal stakeholders to design and execute adversary emulation scenarios that validate real-world detection and response effectiveness
  • Translating threat hunting outcomes into robust detections, improved telemetry, or architectural changes rather than one-off findings

Technical Lead During High Severity Incidents

  • Acting as the technical lead during highest-severity incidents, guiding investigative approach and defensive improvements

Expert Recommendations and Best Practices

  • Providing expert recommendations and best practices to security managers, technical managers, and stakeholders including legal and regulatory teams

Mentorship and Technical Bar Setting

  • Mentoring senior engineers and analysts and setting the technical bar for excellence across detection, hunting, and adversary emulation

Continuous Learning and Industry Trends

  • Staying current with industry trends, security standards, and best practices to ensure our systems remain secure against evolving threats

Requirements

  • 5-8+ years of experience in cybersecurity operations, detection engineering, threat hunting, or offensive security
  • Deep expertise in attacker tradecraft, adversary behaviors, and defensive detection techniques across multiple domains
  • Strong hands-on experience with SIEM, EDR, cloud security platforms, and large-scale log analytics (Google SecOps, Defender XDR, Crowdstrike)
  • A proven ability to solve ambiguous, systemic, cross-organizational security problems with minimal direction
  • Experience balancing hands-on execution with strategic influence, knowing when to build directly and when to enable others
  • The ability to operate with near-complete autonomy, setting technical direction rather than receiving it
  • Strong communication skills, including the ability to explain complex technical risk to senior security and technology leaders
  • Bachelor’s degree or equivalent practical experience
  • Proficiency in scripting and automation for security operations

Preferred Qualifications

  • Bachelor's Degree in Cybersecurity or Computer Science
  • System Administration experience in Windows or Linux
  • Proven ability to script and automate tasks
  • Specific experience with Google Secops SIEM, the Microsoft Security Stack, or ProofPoint Email Security Services
  • CISSP, CASP or other related security certifications

Similar jobs