Wintrust provides community and commercial banking, specialty finance and wealth management services through its 16 bank charters and nine non-bank businesses. Wintrust delivers the sophisticated solutions of a large bank while staying true to the relationship-focused, personalized service of our community banking roots. We serve clients in all 50 states with more than 200 branch banking locations in Illinois, southwestern Florida, northwestern Indiana, west Michigan and southern Wisconsin and commercial banking offices in Chicago, Denver, Milwaukee, Grand Rapids, Mich., and in key branch banking locations throughout Illinois. Our people are the heart of our business and we are proud to rank consistently as a top place to work. Wintrust is a $66 billion financial institution based in Rosemont, Illinois, and listed on the NASDAQ Global Select Market under the symbol “WTFC.”
Qualifications:
- 7+ years in information security, with 5+ years specializing in Threat Intelligence or Threat Hunting.
- Demonstrated experience translating adversary TTPs into operational detection logic.
- Proven ability to conduct hypothesis-driven threat hunting and telemetry correlation across endpoint, network, identity, and cloud environments.
- Experience integrating external intelligence into enterprise risk assessments and control enhancements.
- Strong understanding of financial-sector threat actors, fraud typologies, and insider risk indicators targeting banking institutions.
- Experience producing executive-level threat briefings that clearly articulate business impact, exposure, and recommended actions.
- Demonstrated ability to operate independently, exercise sound judgment, and influence cross-functional stakeholders in a regulated environment.
Why join us?
- An award-winning culture! We are rated a Top Workplace by the Chicago Tribune (past 12 years) and Employee Recommended award by the Globe & Mail (past 6 years)
- Competitive pay and discretionary or incentive bonus eligible
- Comprehensive benefit package including medical, dental, vision, life, a 401k plan with a generous company match and tuition reimbursement to name a few
- Promote from within culture
Why join this team?
- This position has the opportunity to interface with and have a positive impact on multiple areas of Wintrust's business
- We hold ourselves accountable to high standards, share wins, operate ethically, and have fun
Position Overview
The Senior Cyber Intelligence & Threat Hunting Specialist leads the integration of enterprise threat intelligence into proactive detection and risk reduction strategies. This role drives intelligence-led security operations by translating adversary tactics, techniques, and procedures into measurable detection enhancements and control improvements across the Wintrust environment. Operating with a high degree of autonomy, the specialist strengthens the organization’s ability to identify emerging threats, reduce detection gaps, and provide executive-ready intelligence that informs strategic security decisions.
What You’ll Do
- Develop and test analytical hypotheses to anticipate adversary behavior, emerging TTPs, and threat trends targeting financial institutions.
- Conduct structed TTP analysis using frameworks such as MITRE ATT&CK to map adversary tradecraft to Wintrust’s environment and control coverage.
- Partner with Security Engineering, SOC, Fraud, Insider Threat, and Physical Security to operationalize intelligence into detection logic, monitoring enhancements, and mitigation strategies.
- Develop and maintain CrowdStrike Overwatch-aligned coverage, ensuring known threat actor TTPs are actively monitored.
- Build and manage internal threat hunting playbooks, translating intelligence findings into repeatable hunt packages and detection logic.
- Define and manage an intelligence communication cadence, including who receives which products, in what format, and how often.
- Identify, evaluate, and onboard intelligence sources across open source and commercial feeds relevant to financial sector threats.
- Maintain and update the collection inventory, ensuring sources remain current, accurate, and aligned to organizational intelligence requirements.
Qualifications
- Bachelor’s degree or equivalent
- 7+ years of experience in information security with 5+ years specializing in Threat Intelligence or Threat hunting
- Demonstrated experience translating adversary TTPs into operational detection logic.
- Strong understanding of financial-sector threat actors, fraud typologies, and insider risk indicators targeting banking institutions.
- Experience producing executive-level threat briefings that clearly articulate business impact, exposure, and recommended actions.
Benefits
Medical Insurance
- Dental
- Vision
- Life insurance
- Accidental death and dismemberment
- Short-term and long-term Disability Insurance
- Parental Leave
- Employee Assistance Program (EAP)
- Traditional and Roth 401(k) with company match