"Alerted.org

The position is described below. If you want to apply, click the Apply Now button at the top or bottom of this page. After you click Apply Now and complete your application, you'll be invited to create a profile, which will let you see your application status and any communications. If you already have a profile with us, you can log in to check status.

Need Help? (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/Career\_site\_FAQ-1758133253710.pdf)

_If you have a disability and need assistance with the application, you can request a reasonable accommodation. Send an email to_ Accessibility ([email protected]?subject=Accommodation%20request)

_(accommodation requests only; other inquiries won't receive a response)._

Regular or Temporary:

Regular

**Language Fluency:** English (Required)

Work Shift:

1st shift (United States of America)

Please review the following job description:

The Director of Threat Remediation & Prevention will lead and mature Truist’s centralized security remediation and prevention programs. This executive-level role is responsible for unifying vulnerability and threat remediation workflows into a single system of record and governance model, enabling proactive, predictive, and preventative security operations across the enterprise. The ideal candidate will demonstrate the ability to independently develop and execute new programs and processes, and influence change across large, complex organizations—particularly in regulated cybersecurity environments.

Following is a summary of the essential functions for this job. Other duties may be performed, both major and minor, which are not mentioned below. Specific activities may change from time to time.

Automated Vulnerability Remediation

+ Own and govern enterprise SLAs for vulnerability triage, remediation, and verification.

+ Design and implement standardized automated workflows in ServiceNow Vulnerability Response (VR).

+ Maintain dashboards and executive reporting on MTTR, SLA adherence, and risk reduction.

+ Integrate remediation workflows with asset inventories, patch/configuration/change management systems.

+ Ensure regulatory and policy compliance in remediation processes.

Complex Threat Remediation Governance

+ Lead multi-stakeholder remediation workflows for threat assessments, intelligence, and post-incident findings.

+ Develop and enforce playbooks, escalation paths, and governance gates for high-risk findings.

+ Coordinate with IT, Engineering, Development, and Risk/Compliance teams to ensure secure and verifiable remediation.

+ Establish program-level metrics and drive continuous improvement through post-mortems and trend analysis.

Proactive Threat Prevention & Security Culture

Architect and lead a company-wide threat prevention program focused on proactive controls and education.

Champion secure-by-design principles and threat awareness across product and business teams.

Translate threat intelligence into actionable guidance for operations and business decisions.

Partner with Communications, HR, and Leadership to embed a culture of security ownership.

Required Qualifications:

The requirements listed below are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

+ Bachelor’s degree or equivalent

+ 15 years’ technical experience working in the identity and access management control function

+ 10 years’ experience as a manager

+ 10 yeas’ experience in operational planning and execution

+ 10 years managing simple and structured work

+ 10 years managing complex and unstructured work

+ 10 years’ experience leading diverse teams, such as teammates, contract workers, onshore, offshore resources, and/or managed services

+ 5 years’ experience and expert-level technical knowledge of product knowledge and processes for specific IAM areas (e.g., Active directory, RACF, Idaptive, CyberArk, PRIVA, Oracle OIM, Persistent Ignite)

+ 10 years’ experience and basic functional knowledge of tools and processes for the broader IAM capability

+ 10 years’ experience and intermediate-level strength in soft skills and interpersonal communications

+ 10 years’ technical experience working for a top 10 US bank

+ 10 years’ experience collaborating with the following functions: a) infrastructure b) application development c) application support d) business unit risk management e) technology risk f) audit and g) external auditors

+ 10 years’ experience collaborating with the following peer functions in corporate cyber security

+ 10 years’ experience managing the remediation of regulatory matters and internal findings

+ 10 years’ experience in strategic planning and applying industry best practices to operations (NIST, FFIEC)

Preferred Qualifications:

+ Bachelor’s degree in computer science, Cybersecurity, Information Technology, or related field.

+ 12+ years of experience in cybersecurity, including vulnerability management, incident response, and security operations.

+ 6+ years in leadership roles with demonstrated ability to lead cross-functional teams and programs.

+ Proven ability to independently develop and execute new programs and processes.

+ Demonstrated success influencing change across large corporate environments.

+ Expertise in ServiceNow VR, Splunk, AnvilLogic, Snowflake, and security automation.

+ Strong governance, stakeholder engagement, and executive communication skills.

+ Master’s degree in Cybersecurity or related field.

+ Certifications: CISSP, CISM, CISA, GIAC, PMP.

+ Experience in financial services and regulatory frameworks (GLBA, FFIEC, OCC/FDIC).

+ Experience operationalizing cybersecurity use cases with Large Language Models (LLMs).

+ Prior success in building enterprise-wide security awareness programs.

**General Description of Available Benefits for Eligible Employees of Truist Financial Corporation:** All regular teammates (not temporary or contingent workers) working 20 hours or more per week are eligible for benefits, though eligibility for specific benefits may be determined by the division of Truist offering the position. Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates. Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays. For more details on Truist’s generous benefit plans, please visit our Benefits site (https://benefits.truist.com/)

. Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan. As you advance through the hiring process, you will also learn more about the specific benefits available for any non-temporary position for which you apply, based on full-time or part-time status, position, and division of work.

_Truist is an Equal Opportunity Employer that does not discriminate on the basis of race, gender, color, religion, citizenship or national origin, age, sexual orientation, gender identity, disability, veteran status, or other classification protected by law. Truist is a Drug Free Workplace._

EEO is the Law (https://www.eeoc.gov/sites/default/files/2022-10/EEOC\_KnowYourRights\_screen\_reader\_10\_20.pdf)

E-Verify (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/E-Verify\_Participation\_Poster-1757074518541.pdf)

IER Right to Work (https://pp-cdn.phenompeople.com/CareerConnectResources/prod/TBJTBFUS/documents/IER\_RightToWorkPoster-1757074222028.pdf)