Senior Director Vulnerability Management jobs in United States

Newrez · 6 days ago

Senior Director Vulnerability Management

Newrez LLC is committed to exceeding the expectations of residential mortgage borrowers and business partners through superior service and effective communication. The Senior Director of Vulnerability Management will own the enterprise VM program, setting strategy and governance while driving risk-based prioritization and enforcing remediation SLAs across various platforms and applications.

Finance, Financial Services
H1B Sponsor Likely

Responsibilities

Define and continuously mature a risk-driven VM strategy, roadmap, and RACI
Establish policy-aligned remediation SLAs, exception criteria, escalation paths, and evidence requirements
Ensure customer/contract obligations related to scanning cadence and patch timelines are operationalized where applicable
Lead enterprise scanning and assessment coverage across on-prem, cloud, containers, and applications using core platforms (e.g., Qualys VMDR/TotalAppSec, Veracode, Microsoft Defender for Endpoint)
Expand and maintain authenticated/agent-based coverage; manage discovery for shadow/EOL assets
Oversee web app/API scanning in partnership with AppSec; ensure rescans validate remediation
Lead enterprise hardening efforts across systems, software, networks, cloud applications, and cloud environments
Drive CMDB and ITSM integrations to automate ownership mapping, ticket creation, routing, and SLA tracking
Improve data quality (asset/owner criticality) to enable risk-based prioritization and reporting
Partner with Infra, Desktop, Cloud, and App Owners to remove blockers (e.g., maintenance windows, change control constraints, EOL/EOS platforms)
Track and resolve exceptions with compensating controls; publish actionable playbooks/runbooks
Orchestrate assessment, prioritization, patch/mitigation guidance, rescans, stakeholder communications, and executive updates for critical vulnerabilities
Produce executive-ready dashboards (coverage, SLA attainment, risk burn-down, exception inventory, business impact)
Maintain audit artifacts and evidence for internal/external assessments; support GLBA and customer reviews

Qualification

Vulnerability Management, Qualys VMDR, Veracode, Microsoft Defender for Endpoint, NIST CSF, ISO 27001, CISSP, CISM, CCSP, Risk-Based Decisioning, Process Design, Partnering, Leadership, Communication

Required

Bachelor's degree in Information Security, Information Systems, Computer Science, or equivalent experience
10+ years in Information Security with 5+ years leading Vulnerability Management for a multi-platform enterprise (hybrid cloud). Demonstrated results improving enterprise VM metrics and SLA performance
Technical: Depth with Qualys (VMDR, WAS/TotalAppSec), Veracode, Microsoft Defender for Endpoint; familiarity with network device scanning, container registries, and cloud workload coverage
Frameworks/Regulatory: Working knowledge of NIST CSF/ISO 27001; audit evidence management (e.g., GLBA); experience satisfying customer security requirements
Ability to effectively and accurately convey information to others
Leads cross-functional remediation at enterprise scale; strong executive presence and communication
Translates technical findings to business risk; prioritizes by asset criticality and exposure
Hands-on with Qualys (VMDR and WAS/TotalAppSec), Veracode, Microsoft Defender for Endpoint; data/automation integrations with CMDB/ITSM
Scalable workflows, exception governance, and evidence management aligned to standards and audits
Drives outcomes with Infra/App/Cloud teams and third parties; removes operational friction
Converts complex risk and technical data into concise, outcome-oriented narratives for executives and non-security stakeholders
Working on-site at assigned office location
Regular and punctual attendance adhering to schedule established by leadership
Flexibility to work occasional adjusted work schedules, overtime, and evening and/or weekend hours to meet deadlines or as business needs demand
Working in a cubicle hub, maintaining focus on phone calls in a noisy environment within earshot of multiple other conversations
Sedentary work in a stationary position at a cubicle for prolonged periods of time
Constant repetitive motions required for operating a computer, such as typing and managing phone calls
Constantly communicating effectively verbally in English, including accurately exchanging information with others following identification of correct procedures
All employees are required to have smart phones that meet Company security standards with the ability to install apps such as Okta Verify and Microsoft Authenticator

Preferred

Preferred Certifications: CISSP, CISM, CCSP, or comparable

Benefits

Medical, dental, and vision insurance
Health Savings Account with employer contribution
401(k) Retirement plan with employer match
Paid Maternity Leave/Parental Bonding Leave
Pet insurance
Adoption Assistance
Tuition reimbursement
Employee Loan Program
The Newrez Employee Emergency and Disaster Fund is a new program to support our team members
1 Volunteer Time Off (VTO) day, company-paid volunteer day where all eligible employees may participate in a volunteer event with a nonprofit of their choice
Employee Matching Gifts Program: We will match monetary employee donations to eligible non-profit organizations, dollar-for-dollar, up to $1,000 per employee
Newrez Grants Program: Newrez hosts a giving portal where we provide employees an abundance of resources to search for an opportunity to donate their time or monetary contributions

Company

Newrez is your mortgage partner for all stages of your homeownership journey. We offer hundreds of mortgage products to match your needs.

H1B Sponsorship

Newrez has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship]
Trends of Total Sponsorships
2025 (31)
2024 (12)
2023 (41)
2022 (3)
2021 (2)
2020 (6)

Funding

Current Stage
Late Stage

Leadership Team

Joshua Bishop, Chief Operating Officer, Servicing
Bruce Williams, Vice Chairman
Company data provided by crunchbase