Senior Engineer - Threat Hunting

Job Description: Building trusted markets —powered by our people. At Cboe, we inspire our people to solve complex challenges together because what we do matters. We provide the financial infrastructure that powers the global economy. As a leading provider of market infrastructure and tradable products, Cboe delivers cutting-edge trading, clearing and investment solutions to market participants around the world. We’re building inclusive ways to support professional and personal development while strengthening the trust we’ve earned as a global market leader. Our teams are empowered to share ideas, actively pursue them and bring on a challenge. As champions of internal mobility and access to opportunity, we encourage our people to “go for it” and equip our managers with the training to coach their teams to the next level. Our Associate Resource Groups champion diversity, equity and inclusion, giving associates a safe space to network, share ideas and create opportunities. PLEASE NOTE: To support strong partnership and team connection, this role follows a four day in office work model. Location Overview Cboe HQ is located in the historic Old Post Office district, it’s a landmark that blends classic architecture with modern amenities. The building features expansive spaces with high ceilings and large windows, offering an abundance of natural light and panoramic views of the city skyline and the Chicago River. With its prime location in the heart of downtown, the OPO Building provides easy access to major transportation hubs, including Union Station and multiple CTA lines, making it convenient for commuters. The building is home to a variety of amenities, including restaurants, a fitness center, and collaborative workspaces, creating a vibrant and dynamic work environment in one of Chicago's most iconic areas. Role Overview The Senior Engineer Threat Hunting will be a senior individual contributor within Cboe’s Security Operations organization, responsible for defining, advancing, and executing the enterprise approach to detection engineering, threat hunting, and adversary emulation. This role focuses on building and maturing detection capabilities across platforms such as SIEM, EDR, identity, cloud, and SaaS environments, ensuring detections are resilient, scalable, and aligned to real‑world adversary behavior. The Senior Engineer Threat Hunting will lead complex, hypothesis‑driven threat hunts, partner closely with stakeholders to design and execute adversary emulation scenarios, and translate findings into durable detections, improved telemetry, and architectural enhancements. This individual will also serve as a technical lead during the most complex or high‑severity security incidents, shaping investigative approach and long‑term defensive improvements. In this role you’ll be responsible for: Owning the enterprise detection engineering capability end‑to‑end, including standards, patterns, quality bars, and long‑term technical direction Designing, implementing, and reviewing high‑fidelity detections across endpoint, identity, cloud, network, and SaaS environments Leading complex, hypothesis‑driven threat hunts that address ambiguous, cross‑organizational risk and novel attacker behavior Translating threat hunting outcomes into robust detections, improved telemetry, or architectural changes rather than one‑off findings Partnering with internal stakeholders to design and execute adversary emulation scenarios that validate real‑world detection and response effectiveness Identifying systemic detection and response gaps and driving remediation across engineering, operations, and architecture teams Acting as the technical lead during highest‑severity incidents, guiding investigative approach and defensive improvements Influencing security strategy, roadmaps, and investment decisions by translating technical findings into business and risk context Provide expert recommendations and best practices to security managers, technical managers, and stakeholders including legal and regulatory teams. Mentoring senior engineers and analysts and setting the technical bar for excellence across detection, hunting, and adversary emulation Stay current with industry trends, security standards, and best practices to ensure our systems remain secure against evolving threats. The ideal candidate has: 5-8+ years of experience in cybersecurity operations, detection engineering, threat hunting, or offensive security Deep expertise in attacker tradecraft, adversary behaviors, and defensive detection techniques across multiple domains Strong hands‑on experience with SIEM, EDR, cloud security platforms, and large‑scale log analytics (Google SecOps, Defender XDR, Crowdstrike) A proven ability to solve ambiguous, systemic, cross‑organizational security problems with minimal direction Experience balancing hands‑on execution with strategic influence, knowing when to build directly and when to enable others The ability to operate with near‑complete autonomy, setting technical direction rather than receiving it Strong communication skills, including the ability to explain complex technical risk to senior security and technology leaders Bachelor’s degree or equivalent practical experience Proficiency in scripting and automation for security operations. You’ll really stand out with: Bachelor's Degree in Cybersecurity or Computer Science System Administration experience in Windows or Linux Proven ability to script and automate tasks Specific experience with Google Secops SIEM, the Microsoft Security Stack, or ProofPoint Email Security Services CISSP, CASP or other related security certifications #LI-CP2 Benefits and Perks of working for Cboe Global Markets We value the total wellbeing of our people – including health, financial, personal and social wellness. We believe standard benefits like health insurance and fair pay are a given at any organization. Still, you should know we offer: Fair and competitive salary and incentive compensation packages with an upside for overachievement Generous paid time off, including vacation, personal days, sick days and annual community service days Health, dental and vision benefits, including access to telemedicine and mental health services 2:1 401(k) match, up to 8% match immediately upon hire Discounted Employee Stock Purchase Plan Tax Savings Accounts for health, dependent and transportation Employee referral bonus program Volunteer opportunities to help you give back to your communities Some of our associates’ favorite benefits and perks include: Complimentary lunch, snacks and coffee in any Cboe office Paid Tuition assistance and education opportunities Generous charitable giving company match Paid parental leave and fertility benefits On-site gyms and discounts to other fitness centers Paid Time Off More About Cboe Global Markets We’re reimagining the future of the workplace by focusing on what matters most, our people. Our journey is an inclusive one. We’re investing deeply in leadership programs and career development initiatives that ensure everyone has an equal chance to succeed. We work with purpose, solving problems with ingenuity, collaboration, and a lot of passion. We’re an engaged and excited team connecting markets across borders and embracing growth in all its forms to achieve incredible outcomes. Learn more about life at Cboe on our website and LinkedIn. Equal Employment Opportunity We're proud to be an equal opportunity employer do not discriminate against any employee or applicant for employment based on any legally protected characteristic, including race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, genetic information, or veteran status. We are committed to fostering a workplace where all individuals are valued and respected. This position is not eligible for visa sponsorship. Candidates must be legally authorized to work in the United States without the need for employer sponsorship now or in the future. Salary Ranges (applicable for US locations only) At Cboe, we are committed to providing a competitive, transparent, and market‑informed total rewards program. The anticipated base salary range for this role is $130,900-$169,400, with actual compensation determined by job‑related factors such as skills, relevant experience, education, internal alignment, and location. This role may also be eligible for annual incentive compensation and, where applicable, participation in Cboe's long-term equity programs. Additional information about Cboe's total rewards program, including benefits and other compensation components, can be found here: Total Rewards at CBOE. Any communication from Cboe regarding this position will only come from a Cboe recruiter who has a @cboe.com email or via LinkedIn Recruiter. Cboe does not use any other third party communication tools for recruiting purposes. Cboe is always looking for intelligent, innovative and hard-working individuals. Our success is based on our talented team of industry and technology professionals, which we believe is the strongest in the industry, and we pride ourselves on hiring the best and brightest. Cboe Global Markets is an Equal Opportunity Employer. For more information, please click the following links: Equal Employment Opportunity is The Law (in English) Equal Employment Opportunity is The Law (in Spanish) Equal Employment Opportunity is The Law (Supplement) E-Verify Participation Poster (English & Spanish) Right to Work Poster (English) Right to Work Poster (Spanish) If you have been contacted about a job opening at Cboe by someone that does not have a @cboe.com email, this is NOT a trusted source. Cboe only utilizes emails from @cboe.com or Linkedin messaging for recruitment purposes. Cboe does not use any other third-party messaging applications. We recommend that you refrain from responding to Cboe recruitment emails that are not from a cboe.com email address and to file a complaint with the Internet Crime Complaint Center IC3 at If you have further questions, please reach out to the Cboe HR team at View email address on click.appcast.io