Vulnerability and Exposure Management Program Manager

US Bank

Hybrid · Actively hiring
Minneapolis, MN · Atlanta, GA · Cincinnati, OH · Charlotte, NC · Chicago, IL · Posted 5 days ago · $170,255–$200,300 / year

At a glance

AI generated

TL;DR

The Vulnerability and Exposure Management Program Manager is a strategic leadership role within a highly regulated environment at U.S. Bank, responsible for transforming the enterprise vulnerability management program into an advanced exposure management capability. This leader will define and execute a multi-year roadmap, build a new team of 25-35 employees including 5-8 direct reports, and partner with technology and business leaders to embed security practices across cloud, data, digital, and AI initiatives. Key responsibilities include driving risk-based prioritization, modernizing tooling and processes with AI integration, delivering executive reporting, and ensuring regulatory compliance. The ideal candidate has over a decade of experience in enterprise-scale information security programs, strong negotiation skills, and expertise in vulnerability management, exposure reduction strategies, and attack surface management.

Skills

CI/CD · AI · Kubernetes · Terraform · Python · PostgreSQL · Prometheus · Grafana · AWS · Azure · Google Cloud · Docker · GitLab · Jira · Confluence · Splunk · ServiceNow · Snowflake · Tableau · Regulatory Compliance · ISO 27001 · PCI DSS · SOX · NIST Cybersecurity Framework

What you'll do

  • Define and execute enterprise vulnerability and exposure management strategy and multi-year roadmap.
  • Build and lead a new exposure management capability across cloud, data, digital, and AI initiatives.
  • Drive risk-based prioritization and remediation by integrating severity, exploitability, and business context.
  • Partner with CIO/CTO organizations to embed vulnerability reduction into delivery practices and operational processes.
  • Modernize tooling and automation for improved detection and remediation speed and accuracy.
  • Lead a multi-layer organization (25–35+ employees) focusing on strategy and outcomes.

What we're looking for

  • 10+ years of progressive experience in information security or technology risk management in large organizations.
  • Bachelor’s degree in a related field and professional certifications like CISSP, CISM, or equivalent.
  • 5+ years of people leadership experience, including leading managers and multi-layer teams.
  • Strong executive presence and negotiation skills to influence senior executives and drive alignment.
  • Experience operating in highly regulated industries with knowledge of regulatory requirements.
  • Expertise in vulnerability management, exposure reduction strategies, and attack surface management.

Employer

About US Bank

U.S. Bank (U.S. Bancorp) is the fifth-largest bank in the United States, providing retail banking, corporate and commercial banking, wealth management, and payment services to millions of customers.

Industry: Banking & Financial Services

US Bank currently has 22 open roles on FindRole.

Listed pay typically runs $119,765–$140,900 across 22 roles with salary data.
