Staff Threat Hunter

Tenex
Scottsdale; Sarasota; FL HQ, US
Remote

Who this role is best for

Aimed at senior cybersecurity professionals who thrive in hypothesis-driven threat hunting and mentoring within an AI-native MDR environment.

Best fit for

  • Senior threat hunters with deep SIEM and EDR experience in enterprise or MDR settings.
    — “Deep hands-on experience running hypothesis-driven hunts across SIEM and EDR telemetry in enterprise or MDR environments
  • Leaders who can operationalize threat intelligence into actionable hunt hypotheses.
    — “Operationalize Threat Intelligence. Track adversary TTPs relevant to our customer base, prioritize what matters, and translate intel into hunt hypotheses.
  • Technical mentors capable of growing junior hunters and SOC analysts.
    — “Mentor SOC analysts and junior hunters. Pair on investigations, lead technical deep-dives, and grow the team's hunt capability.

Things to consider

  • In-person work is prioritized despite being a tech role.
    — “prioritizing the irreplaceable collaboration and community of in-person work
  • Requires hands-on experience with Google SecOps or willingness to standardize on it.
    — “with willingness to standardize on Chronicle

How to stand out

  • Showcase published research or talks on threat hunting to demonstrate thought leadership.
    — “Published research, conference talks, or open-source contributions in threat hunting or detection engineering
  • Highlight cloud security expertise, especially in AWS, Azure, or GCP.
    — “Cloud security depth in AWS, Azure, or GCP, including cloud-native attack patterns
  • Emphasize scripting fluency in Python or PowerShell for automation.
    — “Scripting fluency in Python and/or PowerShell for hunt tooling, telemetry parsing, and detection automation
Pace · Fast PacedCollaboration · HighAutonomy · HighDecision Impact · TeamLevel · Senior

Derived from job-description analysis by Serendipath's career intelligence engine.

What success looks like

  • Develop and refine threat hunting methodologies
  • Convert hunt findings into production detections
Typical background
threat hunting experiencecybersecurity background

Skills & requirements

Required

Threat HuntingSIEM And EDR TelemetryMitre Att&ck FrameworkGoogle Secops / Chronicle

Preferred

Cloud-native SIEMKubernetes

Stack & domain

Threat HuntingSiemEdrNetworkIdentity TelemetryGoogle Secops / ChronicleMitre Att&ckAdversary TtpsDetection EngineeringMentorshipTechnical Deep-divesComplex Incident InvestigationsReporting On Program OutcomesGoogle Secops / Chronicle CertificationsCybersecurityMdrAi-nativeAutomation-first

About the role

As a Staff Threat Hunter at Tenex, you will lead the proactive identification of cyber threats that automated systems miss, working closely with detection engineers to convert findings into actionable detections, while also mentoring junior team members and contributing to the company's growing culture of innovation and excellence.

Original posting from Tenex via Ashby

Company Overview: TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the AI-Native MDR landscape.

We're a fast growing startup backed by industry experts and top tier investors led by Crosspoint Capital Partners and also backed by Shield Capital, DTCP (formerly Deutsche Telekom Capital Partners), Deepwork Capital, and the Florida Opportunity Fund. Seed round led by Andreessen Horowitz (a16z). As an early employee, you'll play a meaningful role in defining and building our culture. Get in on the ground floor. We're a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside.

Culture is one of the most important things at TENEX.AI http://TENEX.AI—explore our culture deck at culture.tenex.ai http://culture.tenex.ai to witness how we embody it, prioritizing the irreplaceable collaboration and community of in-person work.

About the Opportunity: As Staff Threat Hunter, you'll own how TENEX hunts — the methodology, the tooling, the hypotheses, and the conversion of hunt findings into production detections. You'll work across multi-tenant MDR telemetry in Google SecOps / Chronicle, partnering with detection engineering to close the gaps automated alerting misses. This is a senior IC role — you set the technical direction for how hunting works at TENEX. Reports to the VP, Security.

What You'll Do:

  • Lead proactive, hypothesis-driven hunts. Run investigations across SIEM, EDR, network, and identity telemetry to surface the threats automated detection misses.
  • Own the hunt methodology. Build, document, and refine the playbooks the team runs from. Decide what gets hunted, on what cadence, and how findings convert into permanent detections.
  • Drive the detection engineering partnership. Work directly with detection engineers to turn hunt findings into production rules and analytics in Google SecOps / Chronicle.
  • Operationalize Threat Intelligence. Track adversary TTPs relevant to our customer base, prioritize what matters, and translate intel into hunt hypotheses.
  • Mentor SOC analysts and junior hunters. Pair on investigations, lead technical deep-dives, and grow the team's hunt capability.
  • Lead complex incident investigations. When a hunt surfaces a real intrusion, run the technical investigation alongside incident response through containment.
  • Report on program outcomes. Communicate findings to customers and internal stakeholders — what was found, what was contained, where the detection coverage gap was, and what we changed.

What You Bring:

  • 8+ years in threat hunting, SOC, or incident response, with at least 3 in a senior/lead capacity
  • Deep hands-on experience running hypothesis-driven hunts across SIEM and EDR telemetry in enterprise or MDR environments
  • Hands-on hunting experience in Google SecOps / Chronicle, or equivalent cloud-native SIEM (Sentinel, Splunk Cloud) with willingness to standardize on Chronicle
  • Strong command of attacker TTPs and MITRE ATT&CK — you can map an intrusion from initial access through impact and explain the detection gap at each stage
  • Scripting fluency in Python and/or PowerShell for hunt tooling, telemetry parsing, and detection automation

Bonus Points:

  • Microsoft security stack (Sentinel, Defender) depth
  • SOAR platform experience (Tines, XSOAR, Chronicle SOAR)
  • Cloud security depth in AWS, Azure, or GCP, including cloud-native attack patterns
  • Published research, conference talks, or open-source contributions in threat hunting or detection engineering

Education & Certifications:

  • Bachelor's degree in Computer Science, Cybersecurity, or Engineering, or a related field (or equivalent experience).
  • Relevant certifications such as GCIH, GCFA, GCDA, OSCP, CISSP, AWS / GCP, or Splunk / Chronicle / Sentinel certifications are a plus.

Why Join Us?

  • Opportunity to define the threat hunting practice at an automation-first MDR provider — your methodology becomes the standard our customers run on.
  • Collaborate with a talented and innovative team focused on continuously improving security operations.
  • Competitive salary and benefits package.
  • A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.

Source: Tenex careers (Ashby)

Similar roles