Senior Director – Vulnerability Management

Company: Dun & Bradstreet
Location: Jacksonville, FL, USA
Salary: Not Provided
Type: Full-Time
Degrees: Bachelor’s, Master’s, MBA
Experience Level: Senior, Expert or higher

Requirements

  • 12+ years of experience in cybersecurity or technology, with 5+ years in a leadership role overseeing vulnerability management, security operations, or risk management in a large global organization.
  • Deep understanding of vulnerability management tools (e.g., Tenable, Qualys, Rapid7, Microsoft Defender), attack surface management, and threat intelligence integration. Experience with cloud security (AWS, Azure, GCP), container security, and DevSecOps practices.
  • Strong familiarity with risk-based vulnerability prioritization, CVSS scoring, and frameworks such as NIST, CIS, ISO 27001, PCI-DSS, and MITRE ATT&CK. Experience working with regulatory compliance requirements and audit processes.
  • Proven ability to lead and develop high-performing security teams across multiple geographies. Strong executive presence with the ability to communicate complex security risks to C-level executives and board members.
  • A Bachelor’s or Master’s degree in Cybersecurity, Information Security, or Business Administration (MBA) is preferred. Industry certifications preferred.

Responsibilities

  • Define, implement, and continuously enhance the global vulnerability management strategy, ensuring it aligns with the organization’s security, risk, and compliance frameworks. Establish policies, processes, and best practices to proactively identify, assess, and mitigate vulnerabilities across cloud, on-premises, and hybrid environments.
  • Develop a risk and threat-based approach to vulnerability prioritization, considering exploitability, business impact, and regulatory requirements. Partner with Cyber Threat Intelligence (CTI) teams to incorporate real-world threat data into vulnerability assessments and remediation efforts.
  • Partner with IT, DevOps, engineering, and business leaders to drive timely and effective remediation of critical vulnerabilities. Communicate risk and remediation requirements to executive leadership, ensuring alignment with business objectives.
  • Develop and maintain key performance indicators (KPIs) and executive dashboards to track vulnerability management effectiveness. Provide regular updates to senior leadership and committees on vulnerability trends, remediation progress, and risk reduction efforts.
  • Oversee the selection, deployment, and optimization of vulnerability scanning tools, attack surface management solutions, and security orchestration platforms. Drive automation initiatives to improve vulnerability detection, prioritization, and remediation processes.
  • Ensure the vulnerability management program meets or exceeds compliance requirements, including NIST, CIS, ISO 27001, PCI-DSS, and other relevant regulatory frameworks. Support audit and regulatory inquiries by providing clear documentation and evidence of vulnerability management controls.
  • Build and lead a high-performing vulnerability management team, fostering a culture of accountability, innovation, and continuous improvement. Mentor and develop talent, ensuring the team has the necessary skills and expertise to address evolving cybersecurity challenges.

Preferred Qualifications

  • A Bachelor’s or Master’s degree in Cybersecurity, Information Security, or Business Administration (MBA) is preferred.
  • Industry certifications preferred.