Director, Threat Remediation & Prevention

About The Position

Requirements

• Bachelor’s degree or equivalent
• 15 years’ technical experience working in the identity and access management control function
• 10 years’ experience as a manager
• 10 yeas’ experience in operational planning and execution
• 10 years managing simple and structured work
• 10 years managing complex and unstructured work
• 10 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, and/or managed services
• 5 years’ experience and expert-level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active directory, RACF, Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)
• 10 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability
• 10 years’ experience and intermediate-level strength in soft skills and interpersonal communications
• 10 years’ technical experience working for a top 10 US bank
• 10 years’ experience collaborating with the following functions: a) infrastructure b) application development c) application support d) business unit risk management e) technology risk f) audit and g) external auditors
• 10 years’ experience collaborating with the following peer functions in corporate cyber security
• 10 years’ experience managing the remediation of regulatory matters and internal findings
• 10 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)

Nice To Haves

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field.
• 12+ years of experience in cybersecurity, including vulnerability management, incident response, and security operations.
• 6+ years in leadership roles with demonstrated ability to lead cross-functional teams and programs.
• Proven ability to independently develop and execute new programs and processes.
• Demonstrated success influencing change across large corporate environments.
• Expertise in ServiceNow VR, Splunk, AnvilLogic, Snowflake, and security automation.
• Strong governance, stakeholder engagement, and executive communication skills.
• Master’s degree in Cybersecurity or related field.
• Certifications: CISSP, CISM, CISA, GIAC, PMP.
• Experience in financial services and regulatory frameworks (GLBA, FFIEC, OCC/FDIC).
• Experience operationalizing cybersecurity use cases with Large Language Models (LLMs).
• Prior success in building enterprise-wide security awareness programs.

Responsibilities

• Automated Vulnerability Remediation Own and govern enterprise SLAs for vulnerability triage, remediation, and verification.
• Design and implement standardized automated workflows in ServiceNow Vulnerability Response (VR).
• Maintain dashboards and executive reporting on MTTR, SLA adherence, and risk reduction.
• Integrate remediation workflows with asset inventories, patch/configuration/change management systems.
• Ensure regulatory and policy compliance in remediation processes.
• Complex Threat Remediation Governance Lead multi-stakeholder remediation workflows for threat assessments, intelligence, and post-incident findings.
• Develop and enforce playbooks, escalation paths, and governance gates for high-risk findings.
• Coordinate with IT, Engineering, Development, and Risk/Compliance teams to ensure secure and verifiable remediation.
• Establish program-level metrics and drive continuous improvement through post-mortems and trend analysis.
• Proactive Threat Prevention & Security Culture Architect and lead a company-wide threat prevention program focused on proactive controls and education.
• Champion secure-by-design principles and threat awareness across product and business teams.
• Translate threat intelligence into actionable guidance for operations and business decisions.
• Partner with Communications, HR, and Leadership to embed a culture of security ownership.

Benefits

• All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position.
• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.
• As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.