Cyber Threat and Exposure Management (TEM) Oversight and Governance jobs in United States

ICONMA · 10 hours ago

Cyber Threat and Exposure Management (TEM) Oversight and Governance

ICONMA is a company in the commercial banking sector seeking a Cyber Threat and Exposure Management (TEM) Oversight and Governance professional. The role involves owning the governance framework for vulnerability and patch management, providing oversight, and driving continuous improvement in governance effectiveness.

Staffing & Recruiting
H1B Sponsor Likely

Responsibilities

Align with Client Protection Services (TPS) priorities that define ‘our what’ that may change based on business need
Own the end-to-end governance framework for the Vulnerability and Patch Management program, including routines, escalation paths, and decision forums
Design, document, and maintain governance processes, standards, SOPs, and control execution procedures
Lead control lifecycle management activities, including control design, effectiveness validation, issue identification, and remediation tracking
Provide risk-based oversight of vulnerability identification, prioritization, remediation timelines, and exception handling
Own issue management workflows, including root cause analysis, action plan approval, tracking, and formal closure
Facilitate recurring governance routines (weekly, monthly, ad-hoc), ensuring clear decisioning, documentation, and follow-through
Define, monitor, and report KPIs and KRIs related to vulnerability posture, control health, and remediation performance
Partner with operational security teams (Infrastructure, Application Security, Red Team, etc.) to align governance requirements with execution realities
Act as a primary interface for audit, risk, and compliance stakeholders on vulnerability governance topics
Drive continuous improvement by identifying systemic gaps, emerging risks, and opportunities to mature governance effectiveness
Integrate threat intelligence, exploit availability, and external advisories into vulnerability prioritization models to support dynamic risk response
Extend governance oversight to vulnerabilities impacting critical third-party providers and cloud hosted services
Drive patching and vulnerability requirements into the third-party risk management and contractual obligations and assessments
Lead complex and visible projects with moderate to high risk and complexity

Qualification

Cybersecurity experience
Vulnerability management
Governance frameworks
Regulatory frameworks
GRC tools experience
Analytical mindset
Technical risk communication
Continuous improvement
Executive reporting
Patch management
Threat intelligence
Issue management
Control design
Root cause analysis
Cloud security
Third-party risk management
Penetration testing
Red Team familiarity
Communication skills
Facilitation skills
Negotiation skills
Mentoring experience
Project leadership
Documentation skills

Required

10+ years of experience in cybersecurity, technology risk management, or vulnerability management governance
Demonstrated experience designing and operating governance routines and escalation frameworks
Strong understanding of vulnerability management tooling, patching methodologies, and remediation constraints across infrastructure, cloud, endpoints, and applications
Experience with control frameworks and issue management processes
Ability to communicate technical risk clearly and credibly to executive, risk, and regulatory stakeholders
Strong facilitation and negotiation skills across technology, security, compliance, and business teams
Proven ability to drive disciplined governance while enabling business agility
Experience working with systems of record such as GRC and ITSM-related tools
Strong written communication skills for standards, procedures, and governance documentation
Analytical mindset with experience defining and interpreting metrics and trends
Comfort operating in regulated environments (financial services or similar)
Previous experience in leading complex IT projects
Direct experience supporting regulatory frameworks (e.g., NYDFS, FFIEC, PCI, SOX, GLBA)
Prior second line (oversight) or internal audit experience
Experience standing up new governance functions or maturing immature programs
Familiarity with Red Team, Penetration Testing, or Threat-Driven Risk models
Experience leading or mentoring governance or risk teams
Exposure to executive risk committees or board-level reporting
CISSP Certification

Benefits

Health Benefits
Referral Program

Company

ICONMA: Your Partner in Global Staffing Solutions and Digital Transformation ICONMA is a globally recognized, Woman-Owned staff augmentation and technology consulting firm.

H1B Sponsorship

ICONMA has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data powered by US Department of Labor)
Trends of Total Sponsorships
2025 (34)
2024 (31)
2023 (26)
2022 (39)
2021 (37)
2020 (69)

Funding

Current Stage
Late Stage

Leadership Team

Claudine George
Founder and CEO of ICONMA, LLC
Company data provided by crunchbase