Security Operations Specialist

Cboe Global Markets is a leading provider of market infrastructure and trading solutions, dedicated to building trusted markets powered by their people. The Security Operations Specialist role is designed for entry-level candidates to develop skills in cybersecurity operations, including monitoring, incident response, and threat intelligence, while working closely with experienced analysts and engineers.

Responsibilities

• Monitoring and triaging security alerts across SIEM, EDR, email security, cloud, and identity platforms
• Performing initial analysis and investigation of security events, escalating incidents as appropriate
• Assisting with incident response activities, including evidence collection, timeline development, and documentation
• Supporting threat hunting efforts by executing queries, validating hypotheses, and documenting findings
• Contributing to detection engineering by testing, tuning, and helping maintain detection rules and alerts
• Assisting red team and purple team activities through log review, detection validation, and exercise support
• Supporting threat intelligence workflows, including indicator research, enrichment, and operationalization
• Participating in DLP and insider threat monitoring, helping identify potential data misuse or policy violations
• Documenting procedures, playbooks, and lessons learned to improve operational consistency
• Collaborating with engineering and operations teams to improve alert quality, visibility, and response outcomes
• Participating in on‑call or shift‑based SOC coverage as part of a team‑based rotation

Skills

• 1-2 years of experience in system administration, IT, helpdesk or similar roles
• A strong interest in cybersecurity operations and a desire to learn across multiple security domains
• Foundational understanding of security concepts, such as networking, operating systems, authentication, and common attack techniques
• Familiarity with at least some security tooling or data sources (e.g., logs, alerts, endpoint telemetry), gained through coursework, labs, internships, or self‑study
• Analytical thinking skills and the ability to follow structured investigative processes
• Curiosity and persistence when researching unfamiliar behaviors or technologies
• Strong written and verbal communication skills, including clear documentation of findings
• Ability to work effectively in a team‑based, fast‑paced operational environment
• Bachelor's degree in cybersecurity, computer science, information technology, or a related field — or equivalent practical experience
• Hands‑on experience from internships, labs, home projects, capture‑the‑flag (CTF) exercises, or security competitions
• Exposure to scripting or query languages (e.g., basic Python, PowerShell, KQL, SQL, or similar)
• Familiarity with attacker techniques or frameworks such as MITRE ATT&CK
• Demonstrated interest in threat hunting, detection engineering, or red teaming through self‑directed learning
• Strong documentation habits, including writing clear investigation notes or technical summaries
• A growth mindset and eagerness to rotate across different security functions before specializing
• Relevant entry‑level certifications (e.g., Security+, Blue Team Level 1, or similar), though not required

Benefits

• Fair and competitive salary and incentive compensation packages with an upside for overachievement