Senior Cybersecurity Engineer — Vulnerability and Threat Management.
Vulnerability Management Program Ownership
Owns the end-to-end vulnerability management lifecycle: asset inventory, scanning, prioritization, remediation tracking, exception management, and metrics reporting.
Operates and tunes vulnerability scanning infrastructure across on-premises, cloud, and hybrid environments.
Develops and maintains risk-based prioritization frameworks that account for asset criticality, threat intelligence context, exploitability (EPSS, KEV), and regulatory exposure.
Evaluates and operationalizes AI-driven vulnerability prioritization and automated triage capabilities within scanning and remediation workflows, reducing manual effort while maintaining appropriate human oversight.
Develops and enforces a vulnerability management standard including SLAs for remediation timelines by severity, with graduated escalation paths appropriate for a higher education environment.
Threat Intelligence Integration
Consumes, analyzes, and operationalizes threat intelligence and open-source feeds (CISA KEV, sector ISACs), and higher education-specific sources (REN-ISAC) to inform vulnerability prioritization and defensive posture.
Produces threat intelligence summaries for the CISO and institutional leadership, translating adversary activity into actionable risk context.
Correlates vulnerability data with threat intelligence to identify exposures actively targeted by threat actors, ensuring remediation efforts focus on real-world exploitability rather than CVSS scores alone.
Leverages generative AI platforms to accelerate threat intelligence analysis, including rapid synthesis of advisories, campaign reporting, and indicator enrichment.
Monitors the evolving threat landscape for emerging vulnerabilities, zero-day disclosures, and adversary TTPs relevant to Dartmouth’s regulatory and research profile.
Contributes threat-informed context to incident response, security architecture reviews, and risk assessments across the cybersecurity team.
Cross-Functional Remediation Coordination
Drives remediation outcomes with system administrators, application owners, research computing teams, and third-party vendors.
Develops strong working relationships with decentralized IT groups across academic departments and research labs to gain cooperation without mandate authority.
Coordinates with the endpoint management team and infrastructure teams to validate remediation and compensating controls.
Reporting & Governance
Produces recurring vulnerability posture and threat landscape reports for the CISO, CIO, and institutional leadership, translating scan output and intelligence into risk narratives, trend analysis, and remediation progress metrics.
Maintains dashboards that provide real-time visibility into vulnerability posture by business unit, asset class, and regulatory domain.
Supports audit and compliance evidence collection.
Briefs institutional governance bodies as needed on vulnerability trends, threat actor activity, and residual risk.
Continuous Improvement
Integrates vulnerability management data with cybersecurity tooling to enable correlated, threat-informed prioritization.
Evaluates and recommends tooling enhancements, including external attack surface management (EASM), container/cloud-native scanning, and AI-augmented vulnerability analytics.
Develops and maintains operational runbooks for scanning operations, emergency out-of-cycle scanning (zero-day response), threat intelligence workflows, and integration with the incident response process.
Contributes to the broader cybersecurity engineering function, including participation in incident response, threat hunting, and security architecture reviews as needed.