Threat Hunter

Company Summary: TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the AI-Native MDR landscape.

We’re a fast growing startup backed by industry experts and top tier investors led by Crosspoint Capital Partners and also backed by Shield Capital, DTCP (formerly Deutsche Telekom Capital Partners), Deepwork Capital, and the Florida Opportunity Fund. Seed round led by Andreessen Horowitz (a16z). As an early employee, you’ll play a meaningful role in defining and building our culture. Get in on the ground floor. We’re a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside

Job Summary: We are seeking a highly skilled and proactive Threat Hunter to join our Security Operations team. The ideal candidate will have a strong background in hypothesis-driven data analysis, including long tail and anomaly detection, cybersecurity, coupled with experience in leveraging AI and machine learning (ML) technologies, particularly in the context of Google’s SecOps platform (e.g. Google Chronicle), to enhance the detection, analysis, and response to security incidents. This role is integral to safeguarding the organization's digital infrastructure, ensuring rapid detection of threats, and supporting continuous improvement of security processes.

Culture is one of the most important things at TENEX.AI—explore our culture deck at culture.tenex.ai to witness how we embody it, prioritizing the irreplaceable collaboration and community of in-person work.

Key Responsibilities:

• Threat Hunting

  • Proactively search for indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) used by threat actors.

  • Analyze and correlate security telemetry from various sources, including SIEM, EDR, network logs, and threat intelligence feeds.

  • Conduct threat modeling and hypothesis-driven investigations to uncover hidden threats.

  • Collaborate with SOC analysts and incident responders to investigate and contain security incidents.

  • Develop and refine detection rules, signatures, and threat hunting methodologies.

  • Stay ahead of emerging threats by researching new attack vectors, adversary techniques, and malware trends.

  • Provide detailed reports on findings, including mitigation strategies and recommendations.

  • Contribute to the continuous improvement of threat detection capabilities through automation and AI-driven analysis.

• Threat Monitoring & Detection:

  • Monitor security alerts and events across the enterprise network, using both traditional cybersecurity tools and AI/ML-powered threat detection systems.

  • Leverage Google Chronicle's capabilities for threat intelligence and log analysis, enhancing visibility and providing insights into potential security incidents.

  • Apply AI to identify patterns, anomalies, and behaviors indicative of potential security incidents, reducing false positives and improving detection accuracy.

• Incident Response & Analysis:

  • Investigate and analyze security incidents and breaches, leveraging AI to automate initial analysis and enhance threat hunting efforts.

  • Utilize Google SecOps and Chronicle’s advanced tools to centralize security data, correlate events, and accelerate incident response workflows.

  • Apply machine learning algorithms to identify emerging threats and trends, providing actionable insights for incident response.

• Google SecOps & Chronicle Integration:

  • Work with Google SecOps platform tools to streamline security operations, improve threat visibility, and automate workflows.

  • Collaborate with IT, Security, and Data Science teams to integrate Google Chronicle’s capabilities into the SOC, enhancing threat detection and incident resolution.

  • Optimize Google Chronicle for log management, threat hunting, and advanced analytics.

• Security Automation:

  • Develop and maintain automated workflows for common security incidents, leveraging AI for intelligent decision-making and faster response times.

  • Automate routine SOC tasks such as log analysis, incident classification, and threat intelligence enrichment using Google SecOps and Chronicle integrations.

• Reporting & Documentation:

  • Create detailed incident reports, risk assessments, and threat intelligence summaries, integrating AI-driven findings and insights.

  • Prepare regular performance and security posture reports for internal stakeholders, highlighting key AI-driven improvements and threat mitigation outcomes.

• Collaboration & Knowledge Sharing:

  • Work closely with cross-functional teams (e.g., IT, Customer Success, DevOps, Engineering, Data Science) to promote and improve AI-driven security initiatives and improve the customers' overall security posture.

  • Share knowledge of AI-powered security techniques and Google SecOps tools with SOC team members to enhance their capabilities in threat detection and incident response.

Qualifications:

• Education: Bachelor’s degree in Computer Science, Information Security, or a related field, or equivalent work experience. Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

• Experience:

  • 3+ years of experience in a Threat Hunting, Security Operations Center (SOC) or a similar security-focused role.

  • Strong understanding of attacker methodologies, malware analysis, and digital forensics.

  • Hands-on experience with security tools such as SIEM, EDR, SOAR, and forensic analysis platforms.

  • Proficiency in scripting languages (Python, PowerShell, etc.) for automating threat detection and analysis.

  • Interest in applying automation and/or artificial intelligence and machine learning techniques to cybersecurity tasks, such as threat detection, anomaly detection, and security automation.

  • Hands-on experience with security analytics, log management, threat hunting, and incident response

  • Hands-on experience with Google SecOps platform (Google Chronicle) is a strong plus.

  • Hands-on experience with the Microsoft security platform (Sentinel, Defender) is a plus.

• Technical Skills:

  • Strong understanding of cybersecurity concepts and frameworks (e.g., NIST, Mitre, ISO, Killl Chain).

  • Experience with AI/ML tools for cybersecurity, such as intrusion detection systems (IDS), SIEM tools, and security automation platforms.

  • Proficiency in scripting languages (e.g., Python, PowerShell) for automation and integration.

  • Knowledge of security technologies such as firewalls, endpoint protection, IDS/IPS, and threat intelligence platforms.

  • Practical experience working with Google SecOps tools and Chronicle for centralized threat intelligence and event correlation a plus.

• Soft Skills:

  • Strong analytical and problem-solving skills.

  • Team player, ability work with internal teams and external customers.

  • Ability to work under pressure in a fast-paced, dynamic environment.

Preferred Skills:

• Experience with security orchestration, automation, and response (SOAR) platforms.

• Exposure to cloud security platforms (e.g., AWS, Azure, Google Cloud) and the associated risks.

Why Join Us?

• Opportunity to work with cutting-edge AI-driven cybersecurity technologies and Google SecOps solutions.

• Collaborate with a talented and innovative team focused on continuously improving security operations.

• Competitive salary and benefits package.

• A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.

If you're passionate about combining cybersecurity expertise with artificial intelligence and have experience with Google SecOps and Chronicle, we encourage you to apply!