Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy, ensuring that the firm continuously identifies, prioritizes, and mitigates exploitable attack paths across on-prem, cloud, and hybrid environments. The CTEM Lead partners closely with Application Security, Vulnerability Management, Red Team, and Security Operations to deliver a unified mission -- transforming exposure insights into measurable risk reduction and proactive defense.
Accountabilities
* Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles.
* Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture.
* Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms.
* Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies.
* Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise.
* Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions.
* Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface.
* Translate technical findings into business risk language, enabling senior leadership and risk committees to make data‑driven investment decisions.
* Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes.
* Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness.
* Partner with architecture and engineering teams to embed proactive exposure management practices earlier in design and delivery pipelines.
* Represent the organization externally, contributing to sector‑wide initiatives (FS‑ISAC, MITRE Engenuity, etc.) to advance exposure management practices across financial services.
Vulnerability Management Accountabilities
* Allocation of the correct risk rating and remediation prioritisation to a vulnerability based on industry standards for assessment, available threat intelligence concerning exploitation, the reachability of the host (or asset) and the value of the service(s) running on the impacted host.
* Development of vulnerability management operating model, policies and procedures to ensure consistency in vulnerability identification, remediation and reporting. Element owner of the Vulnerability Management Standard including Issues Management and Regulatory alignment.
* Communication of vulnerabilities to relevant parties including senior stakeholders, vendors, external security partners and affected business units using reports and dashboards and provide recommendations for improvement in vulnerability management practices.
* Collaboration with Threat intelligence and Cyber Operations teams to assess and contextualise exposure to latest threat trends and exploits and set appropriate remediation timescales.
* Definition of requirements and acceptance criteria for the implementation and maintenance of automation tools to streamline vulnerability management processes within operating systems and applications.
* Reporting of remediation status of Security Assurance Specialist team findings against Key Risk Indicators.
Essential Skills / Basic Qualifications
* Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction.
* Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies.
* Strong understanding of attack paths, adversary emulation, and continuous validation concepts.
Desirable skills/Preferred Qualifications:
* Experience in financial services or other regulated sectors.
* Familiarity with MITRE ATT&CK/CTID, CISA Secure-by-Design, NIST CSF 2.0/CRI Profile, and DORA/FFIEC exposure frameworks.
* Experience with cloud environments (AWS, Azure, GCP) and hybrid infrastructure exposure management.
* Understanding of vulnerability exploitability scoring (EPSS, CVSSv4) and exposure correlation methods.
* Advanced degree or certifications such as CISSP, OSCP, or GCP/Azure security specialist.
* Demonstrated ability to build data-driven dashboards for exposure visibility and remediation governance.
Purpose of the role
To keep our customers, clients, and colleagues safe by identifying cyber-vulnerabilities across the Bank, using a risk-based approach to prioritise them, and to drive effective remediation activity.
#J-18808-Ljbffr