Director, Threat Remediation & Prevention

About The Position

Requirements

• Bachelor's degree or equivalent
• 15 years' technical experience working in the identity and access management control function
• 10 years' experience as a manager
• 10 yeas' experience in operational planning and execution
• 10 years managing simple and structured work
• 10 years managing complex and unstructured work
• 10 years' experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, and/or managed services
• 5 years' experience and expert-level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active directory, RACF, Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)
• 10 years' experience and basic functional knowledge of tools and processes for the broader IAM capability
• 10 years' experience and intermediate-level strength in soft skills and interpersonal communications
• 10 years' technical experience working for a top 10 US bank
• 10 years' experience collaborating with the following functions: a) infrastructure b) application development c) application support d) business unit risk management e) technology risk f) audit and g) external auditors
• 10 years' experience collaborating with the following peer functions in corporate cyber security
• 10 years' experience managing the remediation of regulatory matters and internal findings
• 10 years' experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)
• Language Fluency: English (Required)

Nice To Haves

• Bachelor's degree in computer science, Cybersecurity, Information Technology, or related field.
• 12+ years of experience in cybersecurity, including vulnerability management, incident response, and security operations.
• 6+ years in leadership roles with demonstrated ability to lead cross-functional teams and programs.
• Proven ability to independently develop and execute new programs and processes.
• Demonstrated success influencing change across large corporate environments.
• Expertise in ServiceNow VR, Splunk, AnvilLogic, Snowflake, and security automation.
• Strong governance, stakeholder engagement, and executive communication skills.
• Master's degree in Cybersecurity or related field.
• Certifications: CISSP, CISM, CISA, GIAC, PMP.
• Experience in financial services and regulatory frameworks (GLBA, FFIEC, OCC/FDIC).
• Experience operationalizing cybersecurity use cases with Large Language Models (LLMs).
• Prior success in building enterprise-wide security awareness programs.

Responsibilities

• Automated Vulnerability Remediation
• Own and govern enterprise SLAs for vulnerability triage, remediation, and verification.
• Design and implement standardized automated workflows in ServiceNow Vulnerability Response (VR).
• Maintain dashboards and executive reporting on MTTR, SLA adherence, and risk reduction.
• Integrate remediation workflows with asset inventories, patch/configuration/change management systems.
• Ensure regulatory and policy compliance in remediation processes.
• Complex Threat Remediation Governance
• Lead multi-stakeholder remediation workflows for threat assessments, intelligence, and post-incident findings.
• Develop and enforce playbooks, escalation paths, and governance gates for high-risk findings.
• Coordinate with IT, Engineering, Development, and Risk/Compliance teams to ensure secure and verifiable remediation.
• Establish program-level metrics and drive continuous improvement through post-mortems and trend analysis.
• Proactive Threat Prevention & Security Culture
• Architect and lead a company-wide threat prevention program focused on proactive controls and education.
• Champion secure-by-design principles and threat awareness across product and business teams.
• Translate threat intelligence into actionable guidance for operations and business decisions.
• Partner with Communications, HR, and Leadership to embed a culture of security ownership.

Benefits

• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist's defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.