Cyber Threat and Exposure Management (TEM) Oversight and Governance jobs in United States

Pyramid Consulting, Inc · 10 hours ago

Cyber Threat and Exposure Management (TEM) Oversight and Governance

Pyramid Consulting, Inc is a leading company in the financial industry and is seeking a Cyber Threat and Exposure Management (TEM) Oversight and Governance professional. The role involves overseeing vulnerability management and governance processes while ensuring compliance with financial regulations and risk management practices.

Consulting, Information Technology, Legal, Professional Services, Software, Staffing Agency
Growth Opportunities
H1B Sponsor Likely

Responsibilities

Experience in vulnerability management
Do not want an engineer or an architect
They will be working in a high-paced environment
Governance, Risk & control
No preferred years of experience needed, but the person should be very smart and able to do things proactively
Remediation
Understanding mitigating risk factors
Reduce the risk of the vulnerability
Hands-on role with potential leadership role down the line
Leadership skills, such as for a director-level role, will help
Banking/financial domain is very important
Needs someone familiar with FFIEC guidelines and the CRI framework
Align with client Protection Services (TPS) priorities that define ‘our what’ that may change based on business need
Own the end-to-end governance framework for the Vulnerability and Patch Management program, including routines, escalation paths, and decision forums
Design, document, and maintain governance processes, standards, SOPs, and control execution procedures
Lead control lifecycle management activities, including control design, effectiveness validation, issue identification, and remediation tracking
Provide risk-based oversight of vulnerability identification, prioritization, remediation timelines, and exception handling
Own issue management workflows, including root cause analysis, action plan approval, tracking, and formal closure
Facilitate recurring governance routines (weekly, monthly, ad-hoc), ensuring clear decisioning, documentation, and follow-through
Define, monitor, and report KPIs and KRIs related to vulnerability posture, control health, and remediation performance
Partner with operational security teams (Infrastructure, Application Security, Red Team, etc.) to align governance requirements with execution realities
Act as a primary interface for audit, risk, and compliance stakeholders on vulnerability governance topics
Drive continuous improvement by identifying systemic gaps, emerging risks, and opportunities to mature governance effectiveness
Integrate threat intelligence, exploit availability, and external advisories into vulnerability prioritization models to support dynamic risk response
Extend governance oversight to vulnerabilities impacting critical third-party providers and cloud hosted services
Drive patching and vulnerability requirements into the third-party risk management and contractual obligations and assessments
Leads complex and visible projects with moderate to high risk and complexity

Qualification

Vulnerability Management, Risk Management, Governance Frameworks, Cybersecurity, CISSP Certification, Regulatory Frameworks, Analytical Skills, Communication Skills, Facilitation Skills, Negotiation Skills, Leadership Skills

Required

Experience in vulnerability management
Governance, Risk & control
Remediation
Understanding mitigating risk factors
Reduce the risk of the vulnerability
Hands-on role with potential leadership role down the line
Banking/financial domain is very important
FFIEC guidelines, CRI framework
Own the end-to-end governance framework for the Vulnerability and Patch Management program, including routines, escalation paths, and decision forums
Design, document, and maintain governance processes, standards, SOPs, and control execution procedures
Lead control lifecycle management activities, including control design, effectiveness validation, issue identification, and remediation tracking
Provide risk-based oversight of vulnerability identification, prioritization, remediation timelines, and exception handling
Own issue management workflows, including root cause analysis, action plan approval, tracking, and formal closure
Facilitate recurring governance routines (weekly, monthly, ad-hoc), ensuring clear decisioning, documentation, and follow-through
Define, monitor, and report KPIs and KRIs related to vulnerability posture, control health, and remediation performance
Partner with operational security teams (Infrastructure, Application Security, Red Team, etc.) to align governance requirements with execution realities
Act as a primary interface for audit, risk, and compliance stakeholders on vulnerability governance topics
Drive continuous improvement by identifying systemic gaps, emerging risks, and opportunities to mature governance effectiveness
Integrate threat intelligence, exploit availability, and external advisories into vulnerability prioritization models to support dynamic risk response
Extend governance oversight to vulnerabilities impacting critical third-party providers and cloud hosted services
Drive patching and vulnerability requirements into the third-party risk management and contractual obligations and assessments
Leads complex and visible projects with moderate to high risk and complexity
Must have skills: Vulnerability, risk, Governance, regulation
10 years of experience in cybersecurity, technology risk management, or vulnerability management governance
Demonstrated experience designing and operating governance routines and escalation frameworks
Strong understanding of vulnerability management tooling, patching methodologies, and remediation constraints across infrastructure, cloud, endpoints, and applications
Experience with control frameworks and issue management processes
Ability to communicate technical risk clearly and credibly to executive, risk, and regulatory stakeholders
Strong facilitation and negotiation skills across technology, security, compliance, and business teams
Proven ability to drive disciplined governance while enabling business agility
Experience working with systems of record such as GRC and ITSM-related tools
Strong written communication skills for standards, procedures, and governance documentation
Analytical mindset with experience defining and interpreting metrics and trends
Comfort operating in regulated environments (financial services, or similar)
Previous experience in leading complex IT projects
Direct experience supporting regulatory frameworks (e.g., NYDFS, FFIEC, PCI, SOX, GLBA)
Prior second line (oversight) or internal audit experience
Experience standing up new governance functions or maturing immature programs
Familiarity with Red Team, Penetration Testing, or Threat-Driven Risk models
Experience leading or mentoring governance or risk teams
Exposure to executive risk committees or board-level reporting
CISSP Certification

Benefits

Health insurance (medical, dental, vision)
401(k) plan
Paid sick leave (depending on work location)

Company

Pyramid Consulting, Inc

Pyramid Consulting, a global leader in workforce and technology solutions, empowers individuals and organizations to transform and thrive in the most challenging and competitive markets.

H1B Sponsorship

Pyramid Consulting, Inc has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
Trends of Total Sponsorships
2025 (178)
2024 (112)
2023 (95)
2022 (62)
2021 (50)
2020 (117)

Funding

Current Stage
Late Stage

Leadership Team

Ramesh Maturu
President and Co-Founder
Manish Kaushik
Chief Financial Officer
Company data provided by crunchbase