Staff Threat Hunter

TENEX
Kansas City, Missouri 64101 United States
Posted: Jun 09, 2026
  • Full Time
  • Federal Government
  • Summary

    Company Overview: TENEX is an AI-native, automation-first, built-for-scale Managed Detection and Response (MDR) provider. We are a force multiplier for defenders, helping organizations enhance their cybersecurity posture through advanced threat detection, rapid response, and continuous protection. Our team is composed of industry experts with deep experience in cybersecurity, automation and AI-driven solutions. Backed by leading investors, we are rapidly growing and seeking top talent to join our mission of revolutionizing the AI-Native MDR landscape.

    We're a fast growing startup backed by industry experts and top tier investors led by Crosspoint Capital Partners and also backed by Shield Capital, DTCP (formerly Deutsche Telekom Capital Partners), Deepwork Capital, and the Florida Opportunity Fund. Seed round led by Andreessen Horowitz (a16z). As an early employee, you'll play a meaningful role in defining and building our culture. Get in on the ground floor. We're a small but well-funded team that just raised a substantial round – joining now comes with limited risk and unlimited upside.

    Culture is one of the most important things at TENEX.AI—explore our culture deck at culture.tenex.ai to witness how we embody it, prioritizing the irreplaceable collaboration and community of in-person work.

    About the Opportunity: As Staff Threat Hunter, you'll own how TENEX hunts — the methodology, the tooling, the hypotheses, and the conversion of hunt findings into production detections. You'll work across multi-tenant MDR telemetry in Google SecOps / Chronicle, partnering with detection engineering to close the gaps automated alerting misses. This is a senior IC role — you set the technical direction for how hunting works at TENEX. Reports to the VP, Security.

    What You'll Do:

    • Lead proactive, hypothesis-driven hunts. Run investigations across SIEM, EDR, network, and identity telemetry to surface the threats automated detection misses.
    • Own the hunt methodology. Build, document, and refine the playbooks the team runs from. Decide what gets hunted, on what cadence, and how findings convert into permanent detections.
    • Drive the detection engineering partnership. Work directly with detection engineers to turn hunt findings into production rules and analytics in Google SecOps / Chronicle.
    • Operationalize Threat Intelligence. Track adversary TTPs relevant to our customer base, prioritize what matters, and translate intel into hunt hypotheses.
    • Mentor SOC analysts and junior hunters. Pair on investigations, lead technical deep-dives, and grow the team's hunt capability.
    • Lead complex incident investigations. When a hunt surfaces a real intrusion, run the technical investigation alongside incident response through containment.
    • Report on program outcomes. Communicate findings to customers and internal stakeholders — what was found, what was contained, where the detection coverage gap was, and what we changed.

    What You Bring:

    • 8+ years in threat hunting, SOC, or incident response, with at least 3 in a senior/lead capacity
    • Deep hands-on experience running hypothesis-driven hunts across SIEM and EDR telemetry in enterprise or MDR environments
    • Hands-on hunting experience in Google SecOps / Chronicle, or equivalent cloud-native SIEM (Sentinel, Splunk Cloud) with willingness to standardize on Chronicle
    • Strong command of attacker TTPs and MITRE ATT&CK — you can map an intrusion from initial access through impact and explain the detection gap at each stage
    • Scripting fluency in Python and/or PowerShell for hunt tooling, telemetry parsing, and detection automation

    Bonus Points:

    • Microsoft security stack (Sentinel, Defender) depth
    • SOAR platform experience (Tines, XSOAR, Chronicle SOAR)
    • Cloud security depth in AWS, Azure, or GCP, including cloud-native attack patterns
    • Published research, conference talks, or open-source contributions in threat hunting or detection engineering

    Education & Certifications:

    • Bachelor's degree in Computer Science, Cybersecurity, or Engineering, or a related field (or equivalent experience).
    • Relevant certifications such as GCIH, GCFA, GCDA, OSCP, CISSP, AWS / GCP, or Splunk / Chronicle / Sentinel certifications are a plus.

    Why Join Us?

    • Opportunity to define the threat hunting practice at an automation-first MDR provider — your methodology becomes the standard our customers run on.
    • Collaborate with a talented and innovative team focused on continuously improving security operations.
    • Competitive salary and benefits package.
    • A culture of growth and development, with opportunities to expand your knowledge in AI, cybersecurity, and emerging technologies.

