Head of Cyber Threat Exposure and Attack Surface Management

Lead the enterprise-wide Continuous Threat Exposure Management (CTEM) strategy

Ensure that the firm continuously identifies, prioritizes, and mitigates exploitable attack paths across on-prem, cloud, and hybrid environments. The CTEM Lead partners closely with Application Security, Vulnerability Management, Red Team, and Security Operations to deliver a unified mission – transforming exposure insights into measurable risk reduction and proactive defense.

• Own and drive the global CTEM strategy, establishing a continuous, threat-driven exposure management lifecycle aligned with NIST, MITRE, and CISA Secure-by-Design principles.
• Lead and develop a high-performing CTEM team, fostering collaboration, technical excellence, and an outcome-driven culture.
• Integrate and oversee key exposure management technologies, including Cloud Security Posture Management (CSPM), SaaS Security Posture Management (SSPM), Attack Surface Management (ASM), Breach & Attack Simulation (BAS), and other exposure correlation platforms.
• Correlate assets, identity, vulnerability, and configuration to identify high-impact, exploitable attack paths and inform prioritized remediation strategies.
• Collaborate with Application Security, Vulnerability Management, Red Team, and Security Operations to synchronize discovery, validation, and remediation of exposures across the enterprise.
• Align CTEM outputs with real-world adversary behaviors, leveraging Red Team and Threat Intelligence input to validate attack paths and focus on exploitable conditions.
• Drive automation and AI-enabled analytics to continuously map, assess, and measure reductions in the organization’s attack surface.
• Translate technical findings into business risk language, enabling senior leadership and risk committees to make data-driven investment decisions.
• Define and lead CTEM governance and operating models, ensuring exposure assessments, validation, and remediation tracking are embedded in operational processes.
• Establish clear KRIs and maturity metrics that demonstrate continuous improvement in visibility, validation, and response effectiveness.
• Partner with architecture and engineering teams to embed proactive exposure management practices earlier in design and delivery pipelines.
• Represent the organization externally, contributing to sector-wide initiatives (FS-ISAC, MITRE Engenuity, etc) to advance exposure management practices across financial services.

• Experience in cybersecurity with direct exposure to vulnerability management, red teaming, or threat exposure reduction.
• Proven track record leading programs integrating CSPM, SSPM, ASM, BAS, or exposure correlation technologies.
• Strong understanding of attack paths, adversary emulation, and continuous validation concepts.

• Experience in financial services or other regulated sectors.
• Familiarity with MITRE ATT&CK/CTID, CISA Secure-by-Design, NIST CSF 2.0/CRI Profile, and DORA/FFIEC exposure frameworks.
• Experience with cloud environments (AWS, Azure, GCP) and hybrid infrastructure exposure management.
• Understanding of vulnerability exploitability scoring (EPSS, CVSSv4) and exposure correlation methods.
• Advanced degree or certifications such as CISSP, OSCP, or GCP/Azure security specialist.
• Demonstrated ability to build data-driven dashboards for exposure visibility and remediation governance.