Security Operations Specialist
Cboe Global Markets is a leading provider of market infrastructure and trading solutions, dedicated to building trusted markets powered by their people. The Security Operations Specialist role is designed for entry-level candidates to develop skills in cybersecurity operations, including monitoring, incident response, and threat intelligence, while working closely with experienced analysts and engineers.
Responsibilities
- Monitoring and triaging security alerts across SIEM, EDR, email security, cloud, and identity platforms
- Performing initial analysis and investigation of security events, escalating incidents as appropriate
- Assisting with incident response activities, including evidence collection, timeline development, and documentation
- Supporting threat hunting efforts by executing queries, validating hypotheses, and documenting findings
- Contributing to detection engineering by testing, tuning, and helping maintain detection rules and alerts
- Assisting red team and purple team activities through log review, detection validation, and exercise support
- Supporting threat intelligence workflows, including indicator research, enrichment, and operationalization
- Participating in DLP and insider threat monitoring, helping identify potential data misuse or policy violations
- Documenting procedures, playbooks, and lessons learned to improve operational consistency
- Collaborating with engineering and operations teams to improve alert quality, visibility, and response outcomes
- Participating in on‑call or shift‑based SOC coverage as part of a team‑based rotation
Skills
- 1-2 years of experience in system administration, IT, helpdesk or similar roles
- A strong interest in cybersecurity operations and a desire to learn across multiple security domains
- Foundational understanding of security concepts, such as networking, operating systems, authentication, and common attack techniques
- Familiarity with at least some security tooling or data sources (e.g., logs, alerts, endpoint telemetry), gained through coursework, labs, internships, or self‑study
- Analytical thinking skills and the ability to follow structured investigative processes
- Curiosity and persistence when researching unfamiliar behaviors or technologies
- Strong written and verbal communication skills, including clear documentation of findings
- Ability to work effectively in a team‑based, fast‑paced operational environment
- Bachelor's degree in cybersecurity, computer science, information technology, or a related field — or equivalent practical experience
- Hands‑on experience from internships, labs, home projects, capture‑the‑flag (CTF) exercises, or security competitions
- Exposure to scripting or query languages (e.g., basic Python, PowerShell, KQL, SQL, or similar)
- Familiarity with attacker techniques or frameworks such as MITRE ATT&CK
- Demonstrated interest in threat hunting, detection engineering, or red teaming through self‑directed learning
- Strong documentation habits, including writing clear investigation notes or technical summaries
- A growth mindset and eagerness to rotate across different security functions before specializing
- Relevant entry‑level certifications (e.g., Security+, Blue Team Level 1, or similar), though not required
Benefits
- Fair and competitive salary and incentive compensation packages with an upside for overachievement