Senior Cyber Intelligence & Threat Hunting Specialist

Wintrust provides community and commercial banking, specialty finance and wealth management services through its 16 bank charters and nine non-bank businesses. Wintrust delivers the sophisticated solutions of a large bank while staying true to the relationship-focused, personalized service of our community banking roots. We serve clients in all 50 states with more than 200 branch banking locations in Illinois, southwestern Florida, northwestern Indiana, west Michigan and southern Wisconsin and commercial banking offices in Chicago, Denver, Milwaukee, Grand Rapids, Mich., and in key branch banking locations throughout Illinois. Our people are the heart of our business and we are proud to rank consistently as a top place to work. Wintrust is a $66 billion financial institution based in Rosemont, Illinois, and listed on the NASDAQ Global Select Market under the symbol “WTFC.”

Why join us?

• An award-winning culture! We are rated a Top Workplace by the Chicago Tribune (past 12 years) and Employee Recommended award by the Globe & Mail (past 6 years)

• Competitive pay and discretionary or incentive bonus eligible

• Comprehensive benefit package including medical, dental, vision, life, a 401k plan with a generous company match and tuition reimbursement to name a few

• Promote from within culture

Why join this team?

• This position has the opportunity to interface with and have a positive impact on multiple areas of Wintrust's business

• We hold ourselves accountable to high standards, share wins, operate ethically, and have fun

What You’ll Do:

The Senior Cyber Intelligence & Threat Hunting Specialist leads the integration of enterprise threat intelligence into proactive detection and risk reduction strategies. This role drives intelligence-led security operations by translating adversary tactics, techniques, and procedures into measurable detection enhancements and control improvements across the Wintrust environment. Operating with a high degree of autonomy, the specialist strengthens the organization’s ability to identify emerging threats, reduce detection gaps, and provide executive-ready intelligence that informs strategic security decisions.

• Develop and test analytical hypotheses to anticipate adversary behavior, emerging TTPs, and threat trends targeting financial institutions.

• Conduct structed TTP analysis using frameworks such as MITRE ATT&CK to map adversary tradecraft to Wintrust’s environment and control coverage.

• Partner with Security Engineering, SOC, Fraud, Insider Threat, and Physical Security to operationalize intelligence into detection logic, monitoring enhancements, and mitigation strategies.

• Develop and maintain CrowdStrike Overwatch-aligned coverage, ensuring known threat actor TTPs are actively monitored.  

• Build and manage internal threat hunting playbooks, translating intelligence findings into repeatable hunt packages and detection logic.

• Define and manage an intelligence communication cadence, including who receives which products, in what format, and how often.

• Identify, evaluate, and onboard intelligence sources across open source and commercial feeds relevant to financial sector threats.

• Maintain and update the collection inventory, ensuring sources remain current, accurate, and aligned to organizational intelligence requirements.

Qualifications:

• Bachelor’s degree or equivalent

• 7+ years of experience in information security with 5+ years specializing in Threat Intelligence or Threat hunting

• Demonstrated experience translating adversary TTPs into operational detection logic.

• Strong understanding of financial-sector threat actors, fraud typologies, and insider risk indicators targeting banking institutions.

• Experience producing executive-level threat briefings that clearly articulate business impact, exposure, and recommended action

• Strong understanding of financial-sector threat actors, fraud typologies, and insider risk indicators targeting banking institutions. 

• Experience producing executive-level threat briefings that clearly articulate business impact, exposure, and recommended actions. 

• Demonstrated ability to operate independently, exercise sound judgment, and influence cross-functional stakeholders in a regulated environment.

• Proven ability to conduct hypothesis-driven threat hunting and telemetry correlation across endpoint, network, identity, and cloud environments. 

• Experience integrating external intelligence into enterprise risk assessments and control enhancements.

Benefits:

Medical Insurance • Dental • Vision • Life insurance • Accidental death and dismemberment • Short-term and long-term Disability Insurance • Parental Leave • Employee Assistance Program (EAP) • Traditional and Roth 401(k) with company match • Flexible Spending Account (FSA) • Employee Stock Purchase Plan at 5% discount • Critical Illness Insurance • Accident Insurance • Transportation and Commuting Benefits • Banking Benefits • Pet Insurance

Compensation:

The estimated salary range for this role is $117,000.00 - $158,000.00, along with eligibility to earn an annual bonus. Actual salaries may vary based on several factors, such as a candidate’s qualifications, skills and experience.

#LI-Hybrid

From our first day in business, Wintrust has been proud to serve a variety of unique communities and people from all walks of life.  To build a company that reflects the communities we serve, we believe that fostering a unique and inclusive workplace where everyone feels valued and empowered to succeed will support our ongoing success.  Wintrust Financial Corporation, including community banking and financial services subsidiaries, is an Equal Opportunity Employer.  All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, age, national origin, disability, veteran status, genetic information, and other legally protected categories.