Director, Threat Remediation & Prevention

Director, Threat Remediation & Prevention

Join to apply for the Director, Threat Remediation & Prevention role at Truist

1 day ago Be among the first 25 applicants

Please review the following job description: The Director of Threat Remediation & Prevention will lead and mature Truist’s centralized security remediation and prevention programs. This executive-level role is responsible for unifying vulnerability and threat remediation workflows into a single system of record and governance model, enabling proactive, predictive, and preventative security operations across the enterprise. The ideal candidate will demonstrate the ability to independently develop and execute new programs and processes, and influence change across large, complex organizations—particularly in regulated cybersecurity environments.

Automated Vulnerability Remediation

• Own and govern enterprise SLAs for vulnerability triage, remediation, and verification.
• Design and implement standardized automated workflows in ServiceNow Vulnerability Response (VR).
• Maintain dashboards and executive reporting on MTTR, SLA adherence, and risk reduction.
• Integrate remediation workflows with asset inventories, patch/configuration/change management systems.
• Ensure regulatory and policy compliance in remediation processes.

Complex Threat Remediation Governance

• Lead multi-stakeholder remediation workflows for threat assessments, intelligence, and post‑incident findings.
• Develop and enforce playbooks, escalation paths, and governance gates for high‑risk findings.
• Coordinate with IT, Engineering, Development, and Risk/Compliance teams to ensure secure and verifiable remediation.
• Establish program‑level metrics and drive continuous improvement through post‑mortems and trend analysis.

Proactive Threat Prevention & Security Culture

• Architect and lead a company‑wide threat prevention program focused on proactive controls and education.
• Champion secure‑by‑design principles and threat awareness across product and business teams.
• Translate threat intelligence into actionable guidance for operations and business decisions.
• Partner with Communications, HR, and Leadership to embed a culture of security ownership.

Required Qualifications

• Bachelor’s degree or equivalent
• 15 years’ technical experience working in the identity and access management control function
• 10 years’ experience as a manager
• 10 years’ experience in operational planning and execution
• 10 years managing simple and structured work
• 10 years managing complex and unstructured work
• 10 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, or managed services
• 5 years’ experience and expert‑level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active Directory, RACF, Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)
• 10 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability
• 10 years’ experience and intermediate‑level strength in soft skills and interpersonal communications
• 10 years’ technical experience working for a top 10 US bank
• 10 years’ experience collaborating with the following functions: infrastructure, application development, application support, business unit risk management, technology risk, audit and external auditors
• 10 years’ experience collaborating with the following peer functions in corporate cyber security
• 10 years’ experience managing the remediation of regulatory matters and internal findings
• 10 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)

Preferred Qualifications

• Bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field.
• 12+ years of experience in cybersecurity, including vulnerability management, incident response, and security operations.
• 6+ years in leadership roles with demonstrated ability to lead cross‑functional teams and programs.
• Proven ability to independently develop and execute new programs and processes.
• Demonstrated success influencing change across large corporate environments.
• Expertise in ServiceNow VR, Splunk, AnvilLogic, Snowflake, and security automation.
• Strong governance, stakeholder engagement, and executive communication skills.
• Master’s degree in Cybersecurity or related field.
• Certifications: CISSP, CISM, CISA, GIAC, PMP.
• Experience in financial services and regulatory frameworks (GLBA, FFIEC, OCC/FDIC).
• Experience operationalizing cybersecurity use cases with Large Language Models (LLMs).
• Prior success in building enterprise‑wide security awareness programs.

All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax‑preferred savings accounts, and a 401(k) plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full‑time or part‑time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.

Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace.

EEO is the Law E‑Verify IER Right to Work

Seniority level

Not Applicable

Employment type

Full‑time

Job function

Other

Durham, NC $210,000.00–$265,000.00 1 day ago