Skip to main content
TryApplyNow
Tenex logo

Staff Threat Hunter

Tenex
Full TimestaffRemote
Kansas City, MO SOCRemotePosted 9 weeks ago

Role Overview

Tenex is hiring a Staff Threat Hunter. This is a full-time remote role, with the team based in Kansas City, MO SOC. Full responsibilities, required qualifications, and the apply link are listed in the description below.

Resume Keywords to Include

Make sure these keywords appear in your resume to improve ATS scoring

PythonAWSGCPAzureTelemetryORBenefitsOverview

Job description

Company Overview: TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the AI-Native MDR landscape.

We're a fast growing startup backed by industry experts and top tier investors led by Crosspoint Capital Partners and also backed by Shield Capital, DTCP (formerly Deutsche Telekom Capital Partners), Deepwork Capital, and the Florida Opportunity Fund. Seed round led by Andreessen Horowitz (a16z). As an early employee, you'll play a meaningful role in defining and building our culture. Get in on the ground floor. We're a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside.

Culture is one of the most important things at TENEX.AI http://TENEX.AI—explore our culture deck at culture.tenex.ai http://culture.tenex.ai to witness how we embody it, prioritizing the irreplaceable collaboration and community of in-person work.

About the Opportunity: As Staff Threat Hunter, you'll own how TENEX hunts — the methodology, the tooling, the hypotheses, and the conversion of hunt findings into production detections. You'll work across multi-tenant MDR telemetry in Google SecOps / Chronicle, partnering with detection engineering to close the gaps automated alerting misses. This is a senior IC role — you set the technical direction for how hunting works at TENEX. Reports to the VP, Security.

What You'll Do

  • Lead proactive, hypothesis-driven hunts. Run investigations across SIEM, EDR, network, and identity telemetry to surface the threats automated detection misses.
  • Own the hunt methodology. Build, document, and refine the playbooks the team runs from. Decide what gets hunted, on what cadence, and how findings convert into permanent detections.
  • Drive the detection engineering partnership. Work directly with detection engineers to turn hunt findings into production rules and analytics in Google SecOps / Chronicle.
  • Operationalize Threat Intelligence. Track adversary TTPs relevant to our customer base, prioritize what matters, and translate intel into hunt hypotheses.
  • Mentor SOC analysts and junior hunters. Pair on investigations, lead technical deep-dives, and grow the team's hunt capability.
  • Lead complex incident investigations. When a hunt surfaces a real intrusion, run the technical investigation alongside incident response through containment.
  • Report on program outcomes. Communicate findings to customers and internal stakeholders — what was found, what was contained, where the detection coverage gap was, and what we changed.

What You Bring:

  • 8+ years in threat hunting, SOC, or incident response, with at least 3 in a senior/lead capacity
  • Deep hands-on experience running hypothesis-driven hunts across SIEM and EDR telemetry in enterprise or MDR environments
  • Hands-on hunting experience in Google SecOps / Chronicle, or equivalent cloud-native SIEM (Sentinel, Splunk Cloud) with willingness to standardize on Chronicle
  • Strong command of attacker TTPs and MITRE ATT&CK — you can map an intrusion from initial access through impact and explain the detection gap at each stage
  • Scripting fluency in Python and/or PowerShell for hunt tooling, telemetry parsing, and detection automation

Bonus Points:

  • Microsoft security stack (Sentinel, Defender) depth
  • SOAR platform experience (Tines, XSOAR, Chronicle SOAR)
  • Cloud security depth in AWS, Azure, or GCP, including cloud-native attack patterns
  • Published research, conference talks, or open-source contributions in threat hunting or detection engineering

Education & Certifications:

  • Bachelor's degree in Computer Science, Cybersecurity, or Engineering, or a related field (or equivalent experience).
  • Relevant certifications such as GCIH, GCFA, GCDA, OSCP, CISSP, AWS / GCP, or Splunk / Chronicle / Sentinel certifications are a plus.

Why Join Us?

  • Opportunity to define the threat hunting practice at an automation-first MDR provider — your methodology becomes the standard our customers run on.
  • Collaborate with a talented and innovative team focused on continuously improving security operations.
  • Competitive salary and benefits package.
  • A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.

About Tenex

Tenex logo

Tenex

Hires remote

29 other open roles at Tenex on TryApplyNow.

Frequently Asked Questions

How do I apply for the Staff Threat Hunter position at Tenex?

Use the Apply button above to submit your application directly to Tenex. Most applications take less than 5 minutes if your resume and contact details are ready, and you'll be routed to the employer's official application system to finish.

Is the Staff Threat Hunter role at Tenex remote?

Yes. This is a remote role. The team is based in Kansas City, MO SOC, but the position itself does not require relocating to that office.

What does a Staff Threat Hunter at Tenex earn?

Tenex has not disclosed a salary range in this posting. Many employers share specifics later in the interview process; you can also ask during a recruiter screen if compensation transparency is important to you.

When was the Staff Threat Hunter role at Tenex posted?

This role was posted on May 4, 2026 (67 days ago). It's still listed as actively hiring; we re-confirm openings against the source system multiple times per day and remove closed roles.

AI-powered job search

Get every job scored to your resume

Upload your resume and get jobs ranked, your resume tailored, and employee contacts found automatically.

Get started free

No credit card to start