Jobs · Kansas

Staff Threat Hunter

TENEX.AI · Overland Park, KS · 6 days ago
HybridFull-time

About the role

As Staff Threat Hunter, you'll own how TENEX hunts — the methodology, the tooling, the hypotheses, and the conversion of hunt findings into production detections. You'll work across multi-tenant MDR telemetry in Google SecOps / Chronicle, partnering with detection engineering to close the gaps automated alerting misses. This is a senior IC role — you set the technical direction for how hunting works at TENEX.

Responsibilities

  • Lead proactive, hypothesis-driven hunts.
  • Run investigations across SIEM, EDR, network, and identity telemetry to surface the threats automated detection misses.
  • Own the hunt methodology.
  • Build, document, and refine the playbooks the team runs from.
  • Decide what gets hunted, on what cadence, and how findings convert into permanent detections.
  • Drive the detection engineering partnership.
  • Work directly with detection engineers to turn hunt findings into production rules and analytics in Google SecOps / Chronicle.
  • Operationalize Threat Intelligence.
  • Track adversary TTPs relevant to our customer base, prioritize what matters, and translate intel into hunt hypotheses.
  • Mentor SOC analysts and junior hunters.
  • Pair on investigations, lead technical deep-dives, and grow the team's hunt capability.
  • Lead complex incident investigations.
  • When a hunt surfaces a real intrusion, run the technical investigation alongside incident response through containment.
  • Report on program outcomes.
  • Communicate findings to customers and internal stakeholders — what was found, what was contained, where the detection coverage gap was, and what we changed.

Requirements

  • 8+ years in threat hunting, SOC, or incident response, with at least 3 in a senior/lead capacity.
  • Deep hands-on experience running hypothesis-driven hunts across SIEM and EDR telemetry in enterprise or MDR environments.
  • Strong command of attacker TTPs and MITRE ATT&CK — you can map an intrusion from initial access through impact and explain the detection gap at each stage.
  • Scripting fluency in Python and/or PowerShell for hunt tooling, telemetry parsing, and detection automation.

Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, or Engineering, or a related field (or equivalent experience).
  • Relevant certifications such as GCIH, GCFA, GCDA, OSCP, CISSP, AWS / GCP, or Splunk / Chronicle / Sentinel certifications are a plus.

Similar jobs

Threat Hunter

TENEX.AISan Jose, CA· 1 wk ago
Business Developmentapply on tenex.ai

Threat Hunter

TENEX.AISarasota, FL· 3 wk ago
Managementapply on tenex.ai

Threat Hunter

TENEX.AIOverland Park, KS· 1 wk ago
Business Developmentapply on tenex.ai

Threat Hunter

TENEX.AIUnited States· 1 wk ago
RemoteBusiness Developmentapply on tenex.ai