Be an early applicantLess than 25 applicants

Company

Fifth Third Bank · 2 hours ago

Director, Enterprise Vulnerability Management

Cincinnati, OH

Full-time

Remote

Director/Executive

$120K/yr - $241K/yr

Maximize your interview chances

BankingFinance

Actively Hiring

Insider Connection @Fifth Third Bank

Discover valuable connections within the company who might provide insights and potential referrals.
Get 3x more responses when you reach out via email instead of LinkedIn.

Responsibilities

Own and develop the 1–5 year roadmap for the Vulnerability Management program, incorporating industry trends, regulatory requirements, and organizational goals.

Lead strategic initiatives, including expanding vulnerability and compliance scanning capabilities and overseeing platform migrations.

Represent the program in discussions with senior leadership, external stakeholders, and regulators.

Partner with the Product Owner to ensure tactical priorities align with strategic goals.

Drive alignment across squads (Remediation, Engineering, Application Security) by breaking down silos and fostering collaboration.

Define and monitor key performance indicators (KPIs) for program success, ensuring alignment with organizational priorities.

Act as the escalation point for challenges that impact cross-squad or program-level objectives.

Manage the Enterprise Vulnerability Management budget, service providers, and contractors.

Mentor and coach squad leads to foster professional growth and ensure delivery excellence.

Promote a culture of collaboration, innovation, and accountability across the program.

Continuously develop an experienced team of information security engineers.

Operate as subject matter expert in the fields of vulnerability management and application security.

Qualification

Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.

Vulnerability ManagementCybersecurityInformation SecurityStrategic LeadershipProgram PlanningPenetration TestingCompliance StandardsProject ManagementCWECVSSOWASPPCI DSSNISTISO 27001RSA ArcherServiceNowDevOpsCICD PipelineAsset ManagementCISSPCISM

Required

Proven experience in strategic leadership roles within Vulnerability Management, Cybersecurity, or Information Security programs.

Strong background in long-term program planning and execution.

Familiarity with vulnerability management tools, penetration testing frameworks, and compliance standards (e.g., PCI DSS, NIST, ISO 27001).

Exceptional communication skills, with a demonstrated ability to collaborate across technical and leadership teams.

Strong presence and credibility with excellent communication, presentation, and interpersonal skills which are effective and impactful to a range of audiences. Demonstrated ability to communicate complex information in a simplified way and meet fast-paced deadlines.

Ability to manage complex projects and diverse teams of both direct and indirect reports.

Experience communicating and removing impediments at both the team level and organizational level, fostering collaboration across organizational boundaries.

Knowledge of industry standard vulnerability risk scoring practices and experience with applying CWE, CVSS, and OWASP processes and remediation recommendations.

Familiarity with IT compliance requirements such as PCI and FFIEC guidance.

Strong technical understanding and experience assessing vulnerabilities and identifying weaknesses in multiple operating system platforms, database, and application servers, for both custom and off-the-shelf applications in both on-prem and cloud environments.

Ability to lead self-organizing teams and drive change through influence.

Ability to build a sense of trust and rapport that creates a sustainable and effective workplace.

Preferred

Experience leading large-scale initiatives such as platform migrations or regulatory audits.

Hands-on experience with GRC software such as RSA Archer and ServiceNow.

Knowledge of DevOps and the CICD pipeline best practices, asset discovery, and asset management systems.

Certifications such as CISSP, CISM, or equivalent.

Company

Fifth Third Bank

Glassdoor

3.7

Fifth Third Bancorp is a diversified financial services company, that specializes in small business, retail banking, investments. It is a sub-organization of Fifth Third Bank.

Founded in 1858