Jobs · Management · Illinois

Threat Hunter

CNA Insurance · Chicago, IL · 2 wk ago
HybridManagement$97k–$189k/yrFull-time

Essential Duties & Responsibilities

  • Leads and conducts real-time and historical analysis using the full security suite including Endpoint Protection, SIEM, Firewall, EDR, IDS, Email Gateway, Web Content Filtering, and Identity Management technologies.
  • Conducts incident response triage analysis on suspected hosts to determine potential attacks and scope.
  • Conducts threat hunting operations based on the latest threat intelligence.
  • Creates strategies for enterprise-wide hunts based on triage findings and intelligence efforts.
  • Maintains awareness of emerging attack tactics, techniques, and procedures.
  • Collaborates with SOC, Threat Intelligence, Incident Response, and Enterprise Security teams.
  • Identifies visibility gaps and recommends improvements.
  • Manages day-to-day SOC monitoring, investigations, response, and intelligence activities.
  • Collaborates in coordinating escalation for advanced forensics and malware reverse engineering.
  • Communicates security incidents clearly to business and non-technical stakeholders.

Skills, Knowledge & Abilities

  • In-depth knowledge of SIEM, IDS/IPS, web proxies, DLP, CASB, DNS security, DDoS protection, and firewalls.
  • Advanced experience with forensic tools for OS artifact, memory, and network analysis.
  • Strong understanding of malware, reverse engineering principles, and network protocols.
  • Demonstrated ability to build, execute, and lead enterprise threat hunting programs.
  • Ability to work collaboratively in high-pressure incident response environments.
  • Demonstrated ability to apply artificial intelligence and machine-learning techniques to threat hunting, including use of LLMs, UEBA, and statistical models to surface anomalous behavior, enrich low-signal telemetry, and accelerate hypothesis-driven hunts across large enterprise datasets.
  • Experience evaluating, tuning, and operationalizing AI-enabled security capabilities (e.g., AI-assisted SIEM, EDR/XDR, and detection engineering workflows), with an understanding of model limitations, bias, false-positive risk, and the need for analytically defensible outcomes suitable for executive, legal, and regulatory review.

Education & Experience

  • Bachelor’s degree in Computer Science or related discipline, or equivalent experience.
  • Typically a minimum of 10 years of experience in cyber monitoring, threat hunting, incident response, forensics, or related disciplines.

Benefits

CNA offers a comprehensive and competitive benefits package to help our employees – and their family members – achieve their physical, financial, emotional and social wellbeing goals. For a detailed look at CNA’s benefits, please visit cnabenefits.com.

Similar jobs