Director of Data & Analytics leading enterprise analytics and AI solutions in support of Internal Audit. Driving data modernization, governance, and team development at a Fortune 10 healthcare leader.
About the role
- Director of Vulnerability Management overseeing vulnerability management team to protect Fitch’s assets. Leading strategic initiatives in a hybrid work environment.
Responsibilities
- Define and execute the strategic roadmap the Unified Vulnerability Management program, including resource planning, performance tracking, and establishing and reporting on metrics (key performance indicators; key risk indicators; and objectives and key results) for the program.
- Lead the end-to-end vulnerability management lifecycle using a consistent, risk-based assessment methodology that evaluates likelihood, impact, control environment and Fitch specific business context, ensuring timely remediation and compliance with internal policies.
- Govern the intake, normalization, and triage of findings originating from tools and assessments to ensure alignment with a unified lifecycle management process.
- Manage vulnerabilities identified from scanning tools covering open source, custom source code, dynamic application scanning, static application scanning, infrastructure scanning, and cloud security posture management solutions. (SCA, SAST, DAST, infrastructure, and CSPM)
- Provide risk informed visibility to stakeholders through clear dashboards and other reporting mechanisms which indicate remediation expectations.
- Ensure proper reporting of vulnerabilities to stakeholders and drive remediation efforts from an Information Security perspective.
- Develop strong partnerships with engineering, application development, and infrastructure teams to ensure aligned remediation workflows and streamlined ticketing processes for opening and closing vulnerabilities.
- Maintain and track team workload, ensuring transparency and accountability.
- Collaborate with subject matter experts across InfoSec and Technology to contextualize findings, validate assessments, resolve ambiguity and accelerate closure without compromising risk posture.
- Own and operationalize Fitch’s cyber risk taxonomy, threat intelligence, compensating control analysis, and architectural context to ensure findings are prioritized appropriately.
- Perform contextual analyses for vulnerability risk prioritization based on the following criteria: the business criticality of systems to Fitch, cloud architecture details such as network segmentation and access controls, understanding of system and application architecture, and data confidentiality.
- Produce and maintain dashboards, metrics and trend analyses that facilitate consumption of risk information and enable responses to requests for executive reporting and audit requests.
- Deliver VM team projects on time and on budget, ensuring alignment with department goals, organizational goals, and regulatory requirements.
Requirements
- The ideal candidate will have 7-10 years of progressive leadership experience in Information Security, with at least 2 years in a dedicated Vulnerability Management role.
- They should demonstrate strong leadership skills, experience managing vulnerabilities across SAST, DAST, SCA, infrastructure, and CSPM solutions, and excellent communication and collaboration abilities for engaging technical teams and senior stakeholders.
- 7+ years of progressive security experience, with at least 3+ years assessing and managing vulnerability risks for multi-cloud enterprise systems.
- Experience applying industry frameworks and compliance standards (NIST, DORA) to apply risk classifications during the vulnerability lifecycle management process.
- Experience producing contextual analysis for vulnerability risk prioritization based on: the business criticality of systems, cloud architecture details such as network segmentation and access controls, understanding of system and application architecture, and data confidentiality.
- Experience coordinating management of multiple vulnerability scanning tools and managing vulnerabilities identified from scanning tools covering open source, custom source code, dynamic application scanning, static application scanning, infrastructure scanning, and cloud security posture management solutions. (SCA, SAST, DAST, infrastructure, and CSPM)
- Experience managing remediation lifecycles through enterprise ticketing systems for vulnerability tracking and workflow automation.
- Proven ability to create executive-level dashboards and reports for vulnerability metrics.
- Excellent communication and collaboration skills for engaging technical teams and senior stakeholders.
- Leadership and team management skills, including resource planning, OKR setting, and performance reviews.
- Strong problem-solving skills and ability to make risk-based decisions while managing multiple projects simultaneously.
- Experience leveraging or guiding the work to use AI-powered security tools or platforms to improve vulnerability detection and remediation workflows.
Benefits
- Hybrid Work Environment: 2 to 3 days a week in office required based on your line of business and location
- A Culture of Learning & Mobility: Dedicated trainings, leadership development and mentorship programs designed to ensure that your time at Fitch will be a continuous learning opportunity
- Investing in Your Future: Retirement planning, financial wellness and tuition reimbursement programs that empower you to achieve your short and long-term goals
- Promoting Health & Wellness: Comprehensive healthcare offerings that prioritize a healthy body & mind
- Supportive Parenting Policies: Family-first policies, including a generous global parental leave plan, designed to help you balance career and family life effectively
- Dedication to Giving Back: Paid volunteer days and support for community engagement initiatives
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
No Education Requirement
Tech skills
Location requirements
Child Care Assistant Director supporting daily operations at Bright Horizons early childhood center. Ensuring compliance with standards while fostering an inclusive environment for children and families.
Piloter le développement d’un magasin d’optique à Fontenay - sous - Bois. Accueillir et fidéliser une clientèle exigeante tout en gérant une équipe.
Associate Director of Biostatistics providing technical and operational support for clinical trials in a global biopharmaceutical company. Focusing on statistical analysis and regulatory compliance.
Executive Director leading Brand and Reputation team to enhance corporate visibility at BeOne, a global oncology company. Overseeing communications strategies and managing a leadership team.
Global Head of Capgemini Alliance at OpenAI overseeing enterprise partnership performance and transformation initiatives. Collaborating with executive leadership and managing key strategic operations.
Director Comercial managing broker relations and driving business growth at Zurich insurance company. Focusing on direct sales actions and sustainable company growth.
Executive Underwriter responsible for driving growth and maintaining broker relationships in Zurich's E&S Casualty team. Collaborative role with a focus on risk assessment and market visibility.
Regional Director Medical Affairs driving scientific & medical affairs plans for GU Therapy Areas in EEMEA. Collaborating with commercial and scientific leaders across the region.
Team Director leading Global Clinical Supply Planning at GSK, ensuring medicine delivery and lifecycle management. Overseeing supply plans and team development in a hybrid working model.