TheCollegeBoard Senior Cyber Threat Hunter - REQ000580_43245530923_15-3175 in Topeka, Kansas
This job was posted by https://www.kansasworks.com : For more information, please see: https://www.kansasworks.com/jobs/12020725 Senior Cyber Threat Hunter
College Board - Technology Division
100% Remote US based, working core EST hours
About the Team
The College Board Cyber Defense team is a proactive security team that responds to and hunts for the latest security exploits. We act as the first layer of defense for the organization, operating with the support of multiple security tools, including, but not limited to: Crowdstrike, Sumo Logic, Akamai WAF, and Microsoft Defender. In addition to digital forensics and incident response, we also seek to validate active vulnerabilities on endpoints and web applications through purple teaming exercises.
About the Opportunity
We are seeking an experienced Cyber Threat Hunter to perform proactive detection of and response to threat actors, develop new detection methodologies, and provide cyber intelligence gathering and intelligence-driven cyber threat hunting.
In this role you will:
+ Use data analytics, critical threat intelligence, and the latest security technologies to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response.
+ Review threat data from various sources; coordinate with leadership and internal resources to provide situational awareness and align the security posture against the quickly changing cyber threat landscape.
+ Support the Cyber Defense Center by applying analytic and technical skills to investigate intrusions, identify malicious activity and potential insider threats, and perform incident response.
+ Support Threat Engineering and Automation initiatives in the form of developing automated playbooks to help enhance our network deception program.
About You
+ You have been working in Information Technology for at least 7 years, with a minimum of 5 years' experience in Information Security.
+ You maintain expert knowledge of advanced persistent threat tools, techniques, and procedures (TTPs) as well as forensics and incident response practices.
+ You maintain situational awareness and report on advanced threats, including Advanced Persistent Threats (APT) and incidents.
+ You have an established threat hunting and modeling methodology to identify, classify, prioritize, and report on cyber threats using a structured approach.
+ You embrace the responsibility for executing processes, including all activities within the security incident response lifecycle. This includes detection, triage, analysis, containment, recovery, and reporting.
+ You have established relationships across an organization to coordinate changes in security posture, inform vulnerability impact and severity levels, and inform security enhancements and best practices.
+ You enjoy automating manual tasks and have scripting experience in Python.