The College Board

Engineer III, Cyber Threat Hunter

Cyber Threat Hunter defending cloud and enterprise environments at College Board. Strengthening detection and response capabilities for high-stakes programs like Digital SAT and AP.

Posted 5/1/2026 • Full-time • Remote • 🇺🇸 United States • Mid-Level / Senior • 💰 $128,000 - $139,000 per year

Tech Stack

Tools & technologies
  • AWS
  • Cloud
  • Python

About the role

Key responsibilities & impact
  • Execute hypothesis-driven threat hunts across AWS, identity, endpoint, and network telemetry, documenting findings and recommended control or detection improvements.
  • Build, tune, and maintain SIEM detections focused on high-risk behaviors such as IAM misuse, persistence, privilege escalation, and data access or exfiltration.
  • Reduce alert noise through structured tuning, baselining, and enrichment while preserving meaningful coverage.
  • Map detections and hunts to MITRE ATT&CK techniques to identify and close visibility gaps.
  • Support investigation and containment of security incidents, performing log analysis, scoping impact, and documenting findings.
  • Contribute to the development and refinement of incident response playbooks for common cloud and identity-based scenarios.
  • Produce clear after-action reports that identify root cause, control gaps, and prioritized remediation steps.
  • Participate in periodic tabletop or fire drill exercises to validate readiness and improve response coordination.
  • Participate in purple team exercises to validate detection effectiveness and help prioritize remediation of identified gaps.
  • Partner with offensive testing and engineering teams to translate findings into improved detections and hardened configurations.
  • Identify opportunities to strengthen logging, telemetry coverage, and control effectiveness across cloud and enterprise systems.
  • Develop lightweight automation and scripts to improve investigation speed, enrichment, and reporting consistency.
  • Maintain well-documented detection logic, hunt results, and response procedures to improve repeatability and team scalability.
  • Share threat insights and lessons learned with the broader security and engineering community through briefings or written updates.

Requirements

What you’ll need
  • 3 to 5 years of progressive experience in cyber defense, including threat hunting, detection engineering, and incident response in enterprise environments.
  • Strong cloud security experience in AWS-heavy environments, including building detections and investigations using cloud-native telemetry (for example CloudTrail, IAM, VPC Flow Logs, CloudWatch logs, and compute or container logs).
  • Hands-on experience developing, tuning, and maintaining SIEM detections and analytics, including writing high-quality queries, building dashboards, and improving signal-to-noise.
  • Experience with Sumo Logic is strongly preferred.
  • Ability to lead threat hunts end-to-end, including hypothesis creation, data collection, analysis, documentation of findings, and recommendations grounded in attacker TTPs and frameworks such as MITRE ATT&CK.
  • Experience supporting high-severity incident response, including triage, scoping, containment guidance, and deeper analysis, with comfort serving as an escalation point for complex investigations.
  • Practical knowledge of investigative and forensic methods, including log forensics, timeline analysis, evidence handling, and documentation, to support enterprise incident investigations and E-Discovery needs as required.
  • Experience planning or participating in purple team and detection validation activities to evaluate control effectiveness and improve alerting and response outcomes.
  • Ability to operationalize and optimize security tooling by integrating log sources, improving visibility, and aligning detection coverage to current threats and business risk.
  • Strong automation and scripting skills (for example Python, PowerShell, Bash) to streamline investigations, enrich alerts, and improve repeatability across hunting and response workflows.
  • Excellent written and verbal communication skills, including producing after-action reports, threat briefings, and clear, actionable remediation guidance for technical and non-technical stakeholders.
  • A collaborative mindset with experience partnering across engineering, architecture, and development teams, and mentoring junior analysts or engineers to raise team capability.

Benefits

Comp & perks
  • Annual bonuses and opportunities for merit-based raises and promotions
  • A mission-driven workplace where your impact matters
  • A team that invests in your development and success

ATS Keywords

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools
  • threat hunting
  • detection engineering
  • incident response
  • log analysis
  • SIEM detections
  • automation
  • scripting
  • log forensics
  • MITRE ATT&CK
  • cloud-native telemetry

Soft Skills
  • communication
  • collaboration
  • leadership
  • documentation
  • mentoring
  • analysis
  • problem-solving
  • reporting
  • teamwork
  • creativity