Truist
Director, Threat Remediation & Prevention
Truist, Charlotte, North Carolina, United States, 28245
Director, Threat Remediation & Prevention
Join to apply for the
Director, Threat Remediation & Prevention
role at
Truist
1 day ago Be among the first 25 applicants
Please review the following job description: The Director of Threat Remediation & Prevention will lead and mature Truist’s centralized security remediation and prevention programs. This executive-level role is responsible for unifying vulnerability and threat remediation workflows into a single system of record and governance model, enabling proactive, predictive, and preventative security operations across the enterprise. The ideal candidate will demonstrate the ability to independently develop and execute new programs and processes, and influence change across large, complex organizations—particularly in regulated cybersecurity environments.
Automated Vulnerability Remediation
Own and govern enterprise SLAs for vulnerability triage, remediation, and verification.
Design and implement standardized automated workflows in ServiceNow Vulnerability Response (VR).
Maintain dashboards and executive reporting on MTTR, SLA adherence, and risk reduction.
Integrate remediation workflows with asset inventories, patch/configuration/change management systems.
Ensure regulatory and policy compliance in remediation processes.
Complex Threat Remediation Governance
Lead multi-stakeholder remediation workflows for threat assessments, intelligence, and post‑incident findings.
Develop and enforce playbooks, escalation paths, and governance gates for high‑risk findings.
Coordinate with IT, Engineering, Development, and Risk/Compliance teams to ensure secure and verifiable remediation.
Establish program‑level metrics and drive continuous improvement through post‑mortems and trend analysis.
Proactive Threat Prevention & Security Culture
Architect and lead a company‑wide threat prevention program focused on proactive controls and education.
Champion secure‑by‑design principles and threat awareness across product and business teams.
Translate threat intelligence into actionable guidance for operations and business decisions.
Partner with Communications, HR, and Leadership to embed a culture of security ownership.
Required Qualifications
Bachelor’s degree or equivalent
15 years’ technical experience working in the identity and access management control function
10 years’ experience as a manager
10 years’ experience in operational planning and execution
10 years managing simple and structured work
10 years managing complex and unstructured work
10 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, or managed services
5 years’ experience and expert‑level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active Directory, RACF, Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)
10 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability
10 years’ experience and intermediate‑level strength in soft skills and interpersonal communications
10 years’ technical experience working for a top 10 US bank
10 years’ experience collaborating with the following functions: infrastructure, application development, application support, business unit risk management, technology risk, audit and external auditors
10 years’ experience collaborating with the following peer functions in corporate cyber security
10 years’ experience managing the remediation of regulatory matters and internal findings
10 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)
Preferred Qualifications
Bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field.
12+ years of experience in cybersecurity, including vulnerability management, incident response, and security operations.
6+ years in leadership roles with demonstrated ability to lead cross‑functional teams and programs.
Proven ability to independently develop and execute new programs and processes.
Demonstrated success influencing change across large corporate environments.
Expertise in ServiceNow VR, Splunk, AnvilLogic, Snowflake, and security automation.
Strong governance, stakeholder engagement, and executive communication skills.
Master’s degree in Cybersecurity or related field.
Certifications: CISSP, CISM, CISA, GIAC, PMP.
Experience in financial services and regulatory frameworks (GLBA, FFIEC, OCC/FDIC).
Experience operationalizing cybersecurity use cases with Large Language Models (LLMs).
Prior success in building enterprise‑wide security awareness programs.
All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax‑preferred savings accounts, and a 401(k) plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full‑time or part‑time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.
Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.
EEO is the Law E‑Verify IER Right to Work
Seniority level Not Applicable
Employment type Full‑time
Job function Other
Durham, NC $210,000.00–$265,000.00 1 day ago
#J-18808-Ljbffr
Director, Threat Remediation & Prevention
role at
Truist
1 day ago Be among the first 25 applicants
Please review the following job description: The Director of Threat Remediation & Prevention will lead and mature Truist’s centralized security remediation and prevention programs. This executive-level role is responsible for unifying vulnerability and threat remediation workflows into a single system of record and governance model, enabling proactive, predictive, and preventative security operations across the enterprise. The ideal candidate will demonstrate the ability to independently develop and execute new programs and processes, and influence change across large, complex organizations—particularly in regulated cybersecurity environments.
Automated Vulnerability Remediation
Own and govern enterprise SLAs for vulnerability triage, remediation, and verification.
Design and implement standardized automated workflows in ServiceNow Vulnerability Response (VR).
Maintain dashboards and executive reporting on MTTR, SLA adherence, and risk reduction.
Integrate remediation workflows with asset inventories, patch/configuration/change management systems.
Ensure regulatory and policy compliance in remediation processes.
Complex Threat Remediation Governance
Lead multi-stakeholder remediation workflows for threat assessments, intelligence, and post‑incident findings.
Develop and enforce playbooks, escalation paths, and governance gates for high‑risk findings.
Coordinate with IT, Engineering, Development, and Risk/Compliance teams to ensure secure and verifiable remediation.
Establish program‑level metrics and drive continuous improvement through post‑mortems and trend analysis.
Proactive Threat Prevention & Security Culture
Architect and lead a company‑wide threat prevention program focused on proactive controls and education.
Champion secure‑by‑design principles and threat awareness across product and business teams.
Translate threat intelligence into actionable guidance for operations and business decisions.
Partner with Communications, HR, and Leadership to embed a culture of security ownership.
Required Qualifications
Bachelor’s degree or equivalent
15 years’ technical experience working in the identity and access management control function
10 years’ experience as a manager
10 years’ experience in operational planning and execution
10 years managing simple and structured work
10 years managing complex and unstructured work
10 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, or managed services
5 years’ experience and expert‑level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active Directory, RACF, Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)
10 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability
10 years’ experience and intermediate‑level strength in soft skills and interpersonal communications
10 years’ technical experience working for a top 10 US bank
10 years’ experience collaborating with the following functions: infrastructure, application development, application support, business unit risk management, technology risk, audit and external auditors
10 years’ experience collaborating with the following peer functions in corporate cyber security
10 years’ experience managing the remediation of regulatory matters and internal findings
10 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)
Preferred Qualifications
Bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field.
12+ years of experience in cybersecurity, including vulnerability management, incident response, and security operations.
6+ years in leadership roles with demonstrated ability to lead cross‑functional teams and programs.
Proven ability to independently develop and execute new programs and processes.
Demonstrated success influencing change across large corporate environments.
Expertise in ServiceNow VR, Splunk, AnvilLogic, Snowflake, and security automation.
Strong governance, stakeholder engagement, and executive communication skills.
Master’s degree in Cybersecurity or related field.
Certifications: CISSP, CISM, CISA, GIAC, PMP.
Experience in financial services and regulatory frameworks (GLBA, FFIEC, OCC/FDIC).
Experience operationalizing cybersecurity use cases with Large Language Models (LLMs).
Prior success in building enterprise‑wide security awareness programs.
All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax‑preferred savings accounts, and a 401(k) plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full‑time or part‑time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.
Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.
EEO is the Law E‑Verify IER Right to Work
Seniority level Not Applicable
Employment type Full‑time
Job function Other
Durham, NC $210,000.00–$265,000.00 1 day ago
#J-18808-Ljbffr