Cyber Threat Hunter

Technology Organization - Information Security Office - Cyber Defense 100% Remote (working EST) About the Team The Cyber Defense & Vulnerability Threat Management teams are critical to the strategic foundation for delivery of our products, most notably the secure delivery of our new Digital SAT and AP programs. We are a highly motivated group of cyber security experts who take a proactive approach to ensuring a strong security posture. We partner across the organization to mature our Threat management and Incident Response procedures and are constantly seeking and experimenting with new technologies. We are currently using a variety of cutting-edge tools that provide comprehensive cyber security operations for the College Board's critical infrastructure in support of the College Board's mission to connect students to college success and opportunity. College Board is committed to creating an inclusive environment where all team members feel valued, respected, and supported in their work. We welcome individuals from diverse backgrounds and experiences to join our team and contribute to our ongoing success. About the Opportunity The College Board is seeking a Cyber Threat Hunter to participate in proactive detection and response of threat actors, developing new detection analytics, and providing cyber intelligence gathering and intelligence-driven cyber threat hunting. The engineer will support the Cyber Defense Team by applying analytic and technical skills to support threat hunting, investigate intrusions, identify malicious activity and potential insider threats, and to perform incident response. You will review threat data from various sources; coordinate with internal resources to provide situational awareness which aligns security posture against the quickly changing cyber threat landscape. In this role, you will :

• Assist in threat hunting to identify, classify, prioritize, and report on cyber threats following industry best practices.
• Conduct research on emerging security threats; Provide correlation and trending of cyber incident activity.
• Craft and refine detection analytics within the Security Incident and Event Management (SIEM).
• Conduct Purple Teaming exercises to help improve the College Board's security posture.
• Maintain working knowledge of advanced persistent threats tools, techniques, and procedures (TTPs) as well as forensics and incident response practices.
• Assist in digital forensics investigations for enterprise security incidents, E-Discovery legal matters, attacks / intrusions, policy violations, and insider threats investigations as well as incident management.
• Assist in executing processes within all activities within the security Incident response lifecycle. These activities include detection, triage, analysis, containment, recovery, and reporting.
• Collaborate with architects, engineers, developers, and other business unit personnel to identify and remediate weaknesses in security posture.
• Utilize automation to improve processes, respond to incidents, and to hunt for threats on the College Board network. About you, you have :
• A bachelor's degree in computer science or related technical discipline, or the equivalent combination of education, professional training, equaling 3 years of IT InfoSec related work experience.
• Exposure to enterprise-level threat hunting.
• Knowledge of how to handle critical incidents and / or breach response. Differentiators :
• Industry known certifications, such as CISSP, SSCP, CISM, CEH, CSIRT, or GIAC
• Encase, FTK, or SANS Institute Forensic Toolkit (SIFT), or similar forensics product experience.
• Experience with open source and commercial security management tools.
• Working knowledge of Threat Intelligence and Threat Profiling.
• Familiarity with network security methodologies, tactics, techniques, and procedures.
• Experience with Intrusion Detection Systems (IDS) / Intrusion Protection Systems (IPS), SIEM, and other network defense security tools.