Engineer III, Cyber Threat Hunter

College Board

Job Overview

Location

Remote - USA

Job Type

Full-time

Full Job Description

📋 Description

• As a Cyber Threat Hunter on College Board’s Cyber Security Operations team, you will play a critical role in defending the cloud and enterprise environments that power high-stakes programs like the Digital SAT and AP exams, ensuring exam integrity and student trust through proactive threat detection and response.
• Day to day, you will execute hypothesis-driven threat hunts across AWS, identity, endpoint, and network telemetry; build and tune SIEM detections for high-risk behaviors; support incident investigations and containment; contribute to playbook development; participate in purple team exercises; and develop automation to improve investigation speed and documentation consistency.
• The Cyber Security Operations team is a highly motivated group of experts focused on maturing threat management and incident response, partnering across the organization to strengthen security posture for College Board’s critical infrastructure, with a commitment to inclusivity, collaboration, and continuous improvement.
• In this role, you will deepen your expertise in cloud security, threat hunting frameworks like MITRE ATT&CK, SIEM tuning, incident response, and automation; gain visibility into national-scale AWS environments; and contribute to a mission-driven organization that values learning, collaboration, and impact in expanding educational opportunity.

🎯 Requirements

• 3 to 5 years of progressive experience in cyber defense, including threat hunting, detection engineering, and incident response in enterprise environments
• Strong cloud security experience in AWS-heavy environments, including building detections and investigations using cloud-native telemetry (CloudTrail, IAM, VPC Flow Logs, CloudWatch logs, compute or container logs)
• Hands-on experience developing, tuning, and maintaining SIEM detections and analytics, including writing high-quality queries and improving signal-to-noise; experience with Sumo Logic is strongly preferred
• Ability to lead threat hunts end-to-end, including hypothesis creation, data collection, analysis, documentation, and recommendations grounded in attacker TTPs and frameworks such as MITRE ATT&CK
• Experience supporting high-severity incident response, including triage, scoping, containment guidance, and deeper analysis, with comfort serving as an escalation point for complex investigations
• Strong automation and scripting skills (Python, PowerShell, Bash) to streamline investigations, enrich alerts, and improve repeatability across hunting and response workflows

🏖️ Benefits

• Competitive hiring range of $128,000-$139,000, with salary adjusted by location for fairness
• Opportunity to work remotely full-time, with hybrid option available for those near College Board offices (Tuesday and Wednesday in office)
• Comprehensive benefits package designed to help you thrive, including meaningful career growth and a supportive team environment
• Commitment to transparent compensation conversations and fairness in hiring practices
• Access to professional development and learning opportunities aligned with College Board’s Operating Principles, including continuous growth and collaboration

Skills & Technologies

Python

AWS

Kubernetes

Remote

$128k-139k

Ready to Apply?

Apply Externally

You will be redirected to an external site to apply.

College Board

Visit Website

About College Board

College Board is a nonprofit membership organization founded in 1900 that develops and administers standardized tests, curricula, and programs to expand access to higher education. It owns and operates the SAT, PSAT, AP, and CLEP examinations, supports college planning tools, and partners with schools and universities to promote college readiness. The organization also offers scholarship search services and data-driven research reports on educational trends and equity.

View Company Profile

Get more remote jobs like this

Subscribe to the weekly newsletter for similar remote roles and curated hiring updates.

Weekly remote jobs and featured talent.

No spam. Only curated remote roles and product updates. You can unsubscribe anytime.