Description

Dartmouth College seeks a Senior Cybersecurity Engineer to own and mature the institution's vulnerability management program, integrate threat intelligence into vulnerability prioritization and defensive operations, and leverage AI to accelerate both disciplines. This role is responsible for the full vulnerability management lifecycle - from asset discovery and scanning through risk-rated prioritization, remediation coordination, and executive reporting - enriched by threat intelligence that ties vulnerability data to real-world adversary activity. You will operate across a complex environment that includes academic and administrative systems, research computing infrastructure, and a hybrid cloud footprint.

Description

What You'll Join

Dartmouth's cybersecurity program is in an active investment and maturation phase under new CISO leadership. You won't be slotting into a static operation - you'll be helping build it. The team values technical depth, clear communication, and pragmatic risk management over checkbox compliance. You'll work with modern tooling, have direct input on how AI transforms vulnerability and threat intelligence operations, and sit at the intersection of technical execution and institutional risk strategy. The mission matters: protecting a world-class research university, its students, its faculty, and the sensitive data entrusted to it.

Required Qualifications - Education and Yrs Exp

Bachelor's degree

Required Qualifications - Skills, Knowledge and Abilities

• Bachelor's degree in computer science, cybersecurity, information systems, or a related field - or equivalent professional experience.
• 5+ years of hands-on cybersecurity engineering experience, with at least 3 years directly managing or operating a vulnerability management program.
• Experience building vulnerability management or threat intelligence programs from early maturity.
• Deep working knowledge of enterprise vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7).
• Experience consuming and operationalizing threat intelligence from commercial platforms, ISACs, and open-source feeds to inform defensive operations.
• Experience with developing vulnerability management API integrations and automations with other cybersecurity technologies.
• Demonstrated ability to drive remediation with stakeholders outside your direct reporting chain.
• Solid understanding of CVSS scoring, EPSS , KEV catalog usage, and risk-based prioritization beyond "patch everything critical."
• Strong written and verbal communication skills.

Preferred Qualifications

• Experience in higher education, healthcare, or other environments with decentralized IT governance and federated system ownership.
• Working knowledge of industry leading EDR , SIEM and Log Management platforms.
• Hands-on experience applying AI/ML tools to vulnerability management or threat intelligence workflows - including generative AI for analysis acceleration, AI-driven prioritization models, or automated enrichment pipelines.
• Familiarity with AI-specific threat vectors (prompt injection, model manipulation, data exfiltration via AI tooling) and their implications for vulnerability management programs.
• Familiarity with compliance frameworks relevant to research universities: CMMC / NIST 800-171, HIPAA , GLBA , FERPA , ITAR / EAR .
• Experience with threat intelligence platforms (TIPs), STIX / TAXII , and MITRE ATT &CK framework mapping.
• Experience with external attack surface management ( EASM ) and cloud-native vulnerability assessment.
• Relevant certifications: GEVA , GCIH , GCTI , CTIA , CISSP , or equivalent.

Department Contact for Recruitment Inquiries

Kyle Hastbacka

Department Contact Phone Number

[email protected]

Department Contact for Cover Letter and Title

Tom Nudd, Chief Information Security Officer

Department Contact's Phone Number

Equal Opportunity Employer

Dartmouth College is an equal opportunity employer under federal law. We prohibit discrimination on the basis of race, color, religion, sex, age, national origin, sexual orientation, gender identity or expression, disability, veteran status, marital status, or any other legally protected status. Applications are welcome from all.

Background Check

Employment in this position is contingent upon consent to and successful completion of a pre-employment background check, which may include a criminal background check, reference checks, verification of work history, conduct review, and verification of any required academic credentials, licenses, and/or certifications, with results acceptable to Dartmouth College. A criminal conviction will not automatically disqualify an applicant from employment. Background check information will be used in a confidential, non-discriminatory manner consistent with state and federal law.

Is driving a vehicle (e.g. Dartmouth vehicle or off road vehicle, rental car, personal car) an essential function of this job?

Not an essential function

Special Instructions to Applicants

Dartmouth College has a Tobacco-Free Policy. Smoking and the use of tobacco-based products (including smokeless tobacco) are prohibited in all facilities, grounds, vehicles or other areas owned, operated or occupied by Dartmouth College with no exceptions. For details, please see our policy. https://policies.dartmouth.edu/policy/tobacco-free-policy

Additional Instructions

Key Accountabilities

Description

Vulnerability Management Program Ownership -

• Owns the end-to-end vulnerability management lifecycle: asset inventory, scanning, prioritization, remediation tracking, exception management, and metrics reporting.
• Operates and tunes vulnerability scanning infrastructure across on-premises, cloud, and hybrid environments.
• Develops and maintains risk-based prioritization frameworks that account for asset criticality, threat intelligence context, exploitability ( EPSS , KEV ), and regulatory exposure.
• Evaluates and operationalizes AI-driven vulnerability prioritization and automated triage capabilities within scanning and remediation workflows, reducing manual effort while maintaining appropriate human oversight.
• Develops and enforces a vulnerability management standard including SLAs for remediation timelines by severity, with graduated escalation paths appropriate for a higher education environment.

Percentage Of Time

20

Description

Threat Intelligence Integration -

• Consumes, analyzes, and operationalizes threat intelligence and open-source feeds ( CISA KEV , sector ISACs), and higher education-specific sources ( REN - ISAC ) to inform vulnerability prioritization and defensive posture.
• Produces threat intelligence summaries for the CISO and institutional leadership, translating adversary activity into actionable risk context.
• Correlates vulnerability data with threat intelligence to identify exposures actively targeted by threat actors, ensuring remediation efforts focus on real-world exploitability rather than CVSS scores alone.
• Leverages generative AI platforms to accelerate threat intelligence analysis, including rapid synthesis of advisories, campaign reporting, and indicator enrichment.
• Monitors the evolving threat landscape for emerging vulnerabilities, zero-day disclosures, and adversary TTPs relevant to Dartmouth's regulatory and research profile.
• Contributes threat-informed context to incident response, security architecture reviews, and risk assessments across the cybersecurity team.

Percentage Of Time

20

Description

Cross-Functional Remediation Coordination -

• Drives remediation outcomes with system administrators, application owners, research computing teams, and third-party vendors.
• Develops strong working relationships with decentralized IT groups across academic departments and research labs to gain cooperation without mandate authority.
• Coordinates with the endpoint management team and infrastructure teams to validate remediation and compensating controls.

Percentage Of Time

20

Description

Reporting & Governance -

• Produces recurring vulnerability posture and threat landscape reports for the CISO , CIO , and institutional leadership translating scan output and intelligence into risk narratives, trend analysis, and remediation progress metrics.
• Maintains dashboards that provide real-time visibility into vulnerability posture by business unit, asset class, and regulatory domain.
• Supports audit and compliance evidence collection.
• Briefs institutional governance bodies as needed on vulnerability trends, threat actor activity, and residual risk.

Percentage Of Time

20

Description

Continuous Improvement -

• Integrates vulnerability management data with cybersecurity tooling to enable correlated, threat-informed prioritization.
• Evaluates and recommends tooling enhancements, including external attack surface management ( EASM ), container/cloud-native scanning, and AI-augmented vulnerability analytics.
• Develops and maintains operational runbooks for scanning operations, emergency out-of-cycle scanning (zero-day response), threat intelligence workflows, and integration with the incident response process.
• Contributes to the broader cybersecurity engineering function, including participation in incident response, threat hunting, and security architecture reviews as needed.

Percentage Of Time

20

-

--

Demonstrates professionalism and collegiality through actions, interactions, and communications with others appropriate to an environment that is welcoming to all.

--

Performs other duties as assigned.