Senior Engineer - Threat

Job Overview

Senior Engineer Threat Hunting is a senior individual contributor in Cboe’s Security Operations organization. You will define, advance, and execute the enterprise approach to detection engineering, threat hunting, and adversary emulation across platforms such as SIEM, EDR, identity, cloud, and SaaS environments.

This role follows a four‑day in‑office model at Cboe HQ in the historic Old Post Office district of Chicago. The building offers expansive spaces, natural light, and access to major transportation hubs.

• Own the enterprise detection engineering capability end‑to‑end, including standards, patterns, quality bars, and long‑term technical direction.
• Design, implement, and review high‑fidelity detections across endpoint, identity, cloud, network, and SaaS environments.
• Lead complex, hypothesis‑driven threat hunts that address ambiguous, cross‑organizational risk and novel attacker behavior.
• Translate threat hunting outcomes into robust detections, improved telemetry, or architectural changes rather than one‑off findings.
• Partner with internal stakeholders to design and execute adversary emulation scenarios that validate real‑world detection and response effectiveness.
• Identify systemic detection and response gaps and drive remediation across engineering, operations, and architecture teams.
• Act as the technical lead during highest‑severity incidents, guiding investigative approach and defensive improvements.
• Influence security strategy, roadmaps, and investment decisions by translating technical findings into business and risk context.
• Provide expert recommendations and best practices to security managers, technical managers, and stakeholders including legal and regulatory teams.
• Mentor senior engineers and analysts and set the technical bar for excellence across detection, hunting, and adversary emulation.
• Stay current with industry trends, security standards, and best practices to ensure systems remain secure against evolving threats.

• 5–8+ years of experience in cybersecurity operations, detection engineering, threat hunting, or offensive security.
• Deep expertise in attacker tradecraft, adversary behaviors, and defensive detection techniques across multiple domains.
• Strong hands‑on experience with SIEM, EDR, cloud security platforms, and large‑scale log analytics (e.g., "Google Sec Ops", "Microsoft Defender XDR", Crowd Strike).
• Proven ability to solve ambiguous, systemic, cross‑organizational security problems with minimal direction.
• Experience balancing hands‑on execution with strategic influence, knowing when to build directly and when to enable others.
• Ability to operate with near‑complete autonomy, setting technical direction rather than receiving it.
• Strong communication skills, including the ability to explain complex technical risk to senior security and technology leaders.
• Bachelor’s degree or equivalent practical experience.
• Proficiency in scripting and automation for security operations.

• Bachelor’s Degree in Cybersecurity or Computer Science.
• System Administration experience in Windows or Linux.
• Proven ability to script and automate tasks.
• Specific experience with Google Sec Ops SIEM, the Microsoft Security Stack, or ProofPoint Email Security Services.
• CISSP, CASP or other related security certifications.

Competitive base salary ranging from $130,900 to $169,400, with potential annual incentive compensation and participation in long‑term equity programs.

• Generous paid time off, including vacation, personal days, sick days, and community service days.
• Health, dental, and vision coverage with access to telemedicine and mental health services.
• 401(k) match up to 8%.
• Employee Stock Purchase Plan.
• Tax‑saving accounts for health, dependent, and transportation.
• Volunteer opportunities and charitable giving match.
• Paid parental leave and fertility benefits.
• On‑site gyms and discounts to other fitness centers.
• Paid tuition assistance and education opportunities.

We are an equal opportunity employer and do not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status. This position is not eligible for visa sponsorship.