×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity

Director, Attack Surface & Infrastructure Vulnerability Management

Remote / Online - Candidates ideally in
Naperville, DuPage County, Illinois, 60540, USA
Listing for: HealthEquity
Remote/Work from Home position
Listed on 2026-06-06
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 80000 - 100000 USD Yearly USD 80000.00 100000.00 YEAR
Job Description & How to Apply Below

How You Can Make a Difference

At Health Equity, security protects something deeply personal. People trust us with their health, their finances, and their futures. In this role, you will help protect that trust at scale.

Overview

You will shape how the company understands, prioritizes, and reduces real‑world risk across every product and platform we run. This is not a role focused on chasing vulnerabilities or managing tools. It is an opportunity to build a modern, intelligent, and outcome‑driven security capability that leadership relies on and engineering partners value. Your work will directly influence how we invest, how teams build, and how resilient our technology ecosystem becomes over time.

If you want ownership, visibility, and the chance to leave a lasting mark on a growing organization, this role was designed for you.

What You’ll Be Doing
  • Define and lead the long‑term enterprise strategy for attack surface and infrastructure vulnerability management
  • Drive modernization of Product Security capabilities including automated risk scoring, AI‑enabled security, risk‑based vulnerability management, and targeted offensive security
  • Own the full vulnerability lifecycle across cloud, infrastructure, endpoints, identities, and platforms
  • Build prioritization models that reflect real risk using exploitability, exposure, asset criticality, and business impact
  • Lead continuous discovery and reduction of internal and external attack surface across all production environments
  • Partner closely with Engineering, Product, Cloud Platform, IT, Security Operations, Risk, Compliance, and Legal to drive durable risk reduction
  • Establish and oversee targeted offensive security initiatives that validate real‑world exploitability and influence architecture and investment decisions
  • Define ASVM tool strategy, integrations, automation, and trusted data pipelines across the security ecosystem
  • Translate complex technical risk into clear, executive‑level insights that inform business decisions
  • Build, lead, and develop a high‑performing team with clear ownership, accountability, and growth paths
  • Define KPIs and deliver regular executive updates on risk posture, trends, and program effectiveness
What You Will Need to Be Successful Experience And Expertise
  • 10+ years of experience in cybersecurity, with strong depth in vulnerability management, attack surface management, or infrastructure security
  • Experience leading enterprise‑scale security programs with broad organizational impact
  • Strong understanding of cloud platforms, modern infrastructure, identity systems, and application security
  • Hands‑on experience with risk‑based vulnerability management and exposure prioritization beyond CVSS
  • Experience designing or overseeing offensive security efforts such as penetration testing or adversary simulation
Leadership and Influence
  • Proven people leader with experience hiring, coaching, and developing high‑performing teams
  • Ability to influence senior leaders and align cross‑functional partners without relying on authority alone
  • Comfort making strategic tradeoffs and owning outcomes that matter at an executive level
Ways of Working
  • Outcome‑focused mindset with a bias toward measurable risk reduction
  • Strong judgment, curiosity, and ability to operate effectively in complex environments
  • Passion for building scalable, durable security capabilities that stand the test of growth
Additional Details
  • Reports to the VP, Head of Product Security
  • Fully remote role
  • People‑leader position

This is a remote position.

Salary Range

$ To $ / year

Benefits & Perks

The compensation range describes the typical minimum or maximum base pay range for this position. The actual compensation offer is determined based on job‑related knowledge, education, skills, experience, and work location. This position will be eligible for performance‑based incentives and restricted stock units as part of the total compensation package, in addition to a full range of benefits including:

  • Medical, dental, and vision
  • HSA contribution and match
  • Dependent care FSA match
  • Uncapped paid time off
  • Adventure accounts
  • Paid parental leave
  • 401(k) match
  • Personal and healthcare financial literacy programs
  • Ongoing education & tuition…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search