Senior Cyber Intelligence & Threat Hunting Specialist
About The Position
The Senior Cyber Intelligence & Threat Hunting Specialist leads the integration of enterprise threat intelligence into proactive detection and risk reduction strategies. This role drives intelligence-led security operations by translating adversary tactics, techniques, and procedures into measurable detection enhancements and control improvements across the Wintrust environment. Operating with a high degree of autonomy, the specialist strengthens the organization’s ability to identify emerging threats, reduce detection gaps, and provide executive-ready intelligence that informs strategic security decisions.
Requirements
- 7+ years in information security, with 5+ years specializing in Threat Intelligence or Threat Hunting.
- Demonstrated experience translating adversary TTPs into operational detection logic.
- Proven ability to conduct hypothesis-driven threat hunting and telemetry correlation across endpoint, network, identity, and cloud environments.
- Experience integrating external intelligence into enterprise risk assessments and control enhancements.
- Strong understanding of financial-sector threat actors, fraud typologies, and insider risk indicators targeting banking institutions.
- Experience producing executive-level threat briefings that clearly articulate business impact, exposure, and recommended actions.
- Demonstrated ability to operate independently, exercise sound judgment, and influence cross-functional stakeholders in a regulated environment.
- Bachelor’s degree or equivalent
Responsibilities
- Develop and test analytical hypotheses to anticipate adversary behavior, emerging TTPs, and threat trends targeting financial institutions.
- Conduct structed TTP analysis using frameworks such as MITRE ATT&CK to map adversary tradecraft to Wintrust’s environment and control coverage.
- Partner with Security Engineering, SOC, Fraud, Insider Threat, and Physical Security to operationalize intelligence into detection logic, monitoring enhancements, and mitigation strategies.
- Develop and maintain CrowdStrike Overwatch-aligned coverage, ensuring known threat actor TTPs are actively monitored.
- Build and manage internal threat hunting playbooks, translating intelligence findings into repeatable hunt packages and detection logic.
- Define and manage an intelligence communication cadence, including who receives which products, in what format, and how often.
- Identify, evaluate, and onboard intelligence sources across open source and commercial feeds relevant to financial sector threats.
- Maintain and update the collection inventory, ensuring sources remain current, accurate, and aligned to organizational intelligence requirements.
Benefits
- Medical Insurance
- Dental
- Vision
- Life insurance
- Accidental death and dismemberment
- Short-term and long-term Disability Insurance
- Parental Leave
- Employee Assistance Program (EAP)
- Traditional and Roth 401(k) with company match
- Flexible Spending Account (FSA)
- Employee Stock Purchase Plan at 5% discount
- Critical Illness Insurance
- Accident Insurance
- Transportation and Commuting Benefits
- Banking Benefits
- Pet Insurance
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
1,001-5,000 employees
