Job No. 158898
- Job Title:
- Senior Cybersecurity Engineer — Vulnerability and Threat Management
- Employer:
-
Dartmouth College
- Location:
-
Hanover , NH
- Posting Date:
- 26-Jun-2026
- Description:
-
Position Purpose
Dartmouth College seeks a Senior Cybersecurity Engineer to own and mature the institution’s vulnerability management program, integrate threat intelligence into vulnerability prioritization and defensive operations, and leverage AI to accelerate both disciplines. This role is responsible for the full vulnerability management lifecycle — from asset discovery and scanning through risk-rated prioritization, remediation coordination, and executive reporting — enriched by threat intelligence that ties vulnerability data to real-world adversary activity. You will operate across a complex environment that includes academic and administrative systems, research computing infrastructure, and a hybrid cloud footprint.
Description
What You’ll Join
Dartmouth’s cybersecurity program is in an active investment and maturation phase under new CISO leadership. You won’t be slotting into a static operation — you’ll be helping build it. The team values technical depth, clear communication, and pragmatic risk management over checkbox compliance. You’ll work with modern tooling, have direct input on how AI transforms vulnerability and threat intelligence operations, and sit at the intersection of technical execution and institutional risk strategy. The mission matters: protecting a world-class research university, its students, its faculty, and the sensitive data entrusted to it.
Required Qualifications - Education and Yrs Exp Bachelor's degree
Required Qualifications - Skills, Knowledge and Abilities
Bachelor’s degree in computer science, cybersecurity, information systems, or a related field — or equivalent professional experience.
5+ years of hands-on cybersecurity engineering experience, with at least 3 years directly managing or operating a vulnerability management program.
Experience building vulnerability management or threat intelligence programs from early maturity.
Deep working knowledge of enterprise vulnerability scanning platforms (e.g., Tenable, Qualys, Rapid7).
Experience consuming and operationalizing threat intelligence from commercial platforms, ISACs, and open-source feeds to inform defensive operations.
Experience with developing vulnerability management API integrations and automations with other cybersecurity technologies.
Demonstrated ability to drive remediation with stakeholders outside your direct reporting chain.
Solid understanding of CVSS scoring, EPSS, KEV catalog usage, and risk-based prioritization beyond “patch everything critical.”
Strong written and verbal communication skills.
Preferred Qualifications
Experience in higher education, healthcare, or other environments with decentralized IT governance and federated system ownership.
Working knowledge of industry leading EDR, SIEM and Log Management platforms.
Hands-on experience applying AI/ML tools to vulnerability management or threat intelligence workflows — including generative AI for analysis acceleration, AI-driven prioritization models, or automated enrichment pipelines.
Familiarity with AI-specific threat vectors (prompt injection, model manipulation, data exfiltration via AI tooling) and their implications for vulnerability management programs.
Familiarity with compliance frameworks relevant to research universities: CMMC/NIST 800-171, HIPAA, GLBA, FERPA, ITAR/EAR.
Experience with threat intelligence platforms (TIPs), STIX/TAXII, and MITRE ATT&CK framework mapping.
Experience with external attack surface management (EASM) and cloud-native vulnerability assessment.
Relevant certifications: GEVA, GCIH, GCTI, CTIA, CISSP, or equivalent.