Director, Attack Surface & Infrastructure Vulnerability Management

Director, Attack Surface & Infrastructure Vulnerability ManagementJob Locations: US-RemoteOur MissionOur mission is to SAVE AND IMPROVE LIVES BY EMPOWERING HEALTHCARE CONSUMERS. Come be part of remarkable.OverviewHow You Can Make a DifferenceAt HealthEquity, security protects something deeply personal. People trust us with their health, their finances, and their futures. In this role, you will help protect that trust at scale.You will shape how the company understands, prioritizes, and reduces realworld risk across every product and platform we run. This is not a role focused on chasing vulnerabilities or managing tools. It is an opportunity to build a modern, intelligent, and outcomedriven security capability that leadership relies on and engineering partners value.Your work will directly influence how we invest, how teams build, and how resilient our technology ecosystem becomes over time. If you want ownership, visibility, and the chance to leave a lasting mark on a growing organization, this role was designed for you.What You'll Be DoingDefine and lead the longterm enterprise strategy for attack surface and infrastructure vulnerability managementDrive modernization of Product Security capabilities including automated risk scoring, AIenabled security, riskbased vulnerability management, and targeted offensive securityOwn the full vulnerability lifecycle across cloud, infrastructure, endpoints, identities, and platformsBuild prioritization models that reflect real risk using exploitability, exposure, asset criticality, and business impactLead continuous discovery and reduction of internal and external attack surface across all production environmentsPartner closely with Engineering, Product, Cloud Platform, IT, Security Operations, Risk, Compliance, and Legal to drive durable risk reductionEstablish and oversee targeted offensive security initiatives that validate realworld exploitability and influence architecture and investment decisionsDefine ASVM tool strategy, integrations, automation, and trusted data pipelines across the security ecosystemTranslate complex technical risk into clear, executivelevel insights that inform business decisionsBuild, lead, and develop a highperforming team with clear ownership, accountability, and growth pathsDefine KPIs and deliver regular executive updates on risk posture, trends, and program effectivenessWhat You Will Need to Be SuccessfulExperience and Expertise10+ years of experience in cybersecurity, with strong depth in vulnerability management, attack surface management, or infrastructure securityExperience leading enterprisescale security programs with broad organizational impactStrong understanding of cloud platforms, modern infrastructure, identity systems, and application securityHandson experience with riskbased vulnerability management and exposure prioritization beyond CVSSExperience designing or overseeing offensive security efforts such as penetration testing or adversary simulationLeadership and InfluenceProven people leader with experience hiring, coaching, and developing highperforming teamsAbility to influence senior leaders and align crossfunctional partners without relying on authority aloneComfort making strategic tradeoffs and owning outcomes that matter at an executive levelWays of WorkingOutcomefocused mindset with a bias toward measurable risk reductionStrong judgment, curiosity, and ability to operate effectively in complex environmentsPassion for building scalable, durable security capabilities that stand the test of growthAdditional DetailsReports to the VP, Head of Product SecurityFully remote rolePeopleleader position#LI-RemoteThis is a remote position.Salary Range$167,000.00 To $221,000.00 / yearBenefits & PerksThe actual compensation offer is determined based on job-related knowledge, education, skills, experience, and work location. This position will be eligible for performance-based incentives and restricted stock units as part of the total compensation package, in addition to a full range of benefits including:Medical, dental, and visionHSA contribution and matchDependent care FSA matchUncapped paid time offPaid parental leave401(k) matchPersonal and healthcare financial literacy programsOngoing education& tuition assistanceGym and fitness reimbursementWellness program incentivesOnboarding & TravelThis is a remote role, with an in-person onboarding training component. New team members must participate in Trailhead, HealthEquity's immersive onboarding experience Trailhead is designed to foster meaningful connections, support your integration into the organization, and equip you with a strong understanding of our business. Trailhead participation is a key expectation of this role. Trailhead is held onsite at our headquarters once per quarter. HealthEquity covers all required travel and accommodations.This role may begin with a virtual, self-paced onboarding experience, followed by a mandatory onsite Trailhead session at a later date.HealthEquity is committed to providing reasonable accommodations to team members with qualifying disabilities. Should you be selected for this role and require an accommodation, we will put you in touch with our Benefits Team so you can begin the accommodation request process.Why work with HealthEquityWhy work for HealthEquityHealthEquity has a vision that by 2030 we will make HSAs as wide-spread and popular as retirement accounts. We are passionate about providing a solution that allows American families to connect health and wealth. Join us and discover a work experience where the person is valued more than the position. Click here to learn more.Come be your authentic selfHealthEquity, Inc. is an equal opportunity employer that is committed to inclusion and diversity. We take affirmative action to ensure equal opportunity for all applicants without regard to race, age, color, religion, sex, sexual orientation, gender identity, national origin, status as a qualified individual with a disability, veteran status, or other legally protected characteristics. HealthEquity is a drug-free workplace. For more information about our EEO policy, or about HealthEquity's applicant disability accommodation, drug-free-workplace, background check, and E-Verify policies, please visit our Careers page.HealthEquity is committed to your privacy as an applicant for employment. For information on our privacy policies and practices, please visit HealthEquity Privacy.#J-18808-Ljbffr