[Hiring] Director, Cyber Threat Management @Thomson Reuters

Role Description

We are seeking a Director of Cyber Threat Management to lead key cyber defense programs across Cyber Threat Intelligence, Enterprise Vulnerability Management, and Attack Surface Reduction. This is a 100% remote (USA) role, leading a high-impact team that partners closely with Security Operations, Security Engineering, Infrastructure, Application Development, Cloud, and Risk Management to drive measurable reduction in organizational risk.

In this opportunity, as Director of Cyber Threat Management you will:

• Lead and grow a multidisciplinary cyber threat management organization, including Cyber Threat Intelligence, Enterprise Vulnerability Management, and Attack Surface Reduction (people leader scope: 7 direct reports, plus a manager with an additional team).
• Own Cyber Threat Intelligence (CTI) by monitoring open and closed sources, assessing relevance, and disseminating actionable intelligence to protect Thomson Reuters and its customers.
• Maintain and operationalize a robust IOC repository, ensuring intelligence integrates with detection and response technologies and aligns to operational use cases.
• Prioritize the threat actor landscape (including nation-state adversaries and their TTPs) and partner with Threat Detection Engineering to map, validate, and enhance detections and controls.
• Direct the Enterprise Vulnerability Management program, including:
  • Deployment/optimization of vulnerability detection across infrastructure, applications, cloud, and other technology platforms.
  • Correlation/normalization of findings across multiple sources.
• Build clear remediation guidance across vulnerability types and teams, driving a unified, risk-based prioritization model and practical playbooks that improve speed and consistency of remediation.
• Lead Attack Surface Reduction through external discovery and continuous monitoring, proactively identifying and driving remediation of exposures such as misconfigurations, shadow IT, and insecure service.

Qualifications

• Demonstrated experience leading cyber defense teams/programs (e.g., CTI, vulnerability management, attack surface reduction, detection engineering, security operations).
• Proven people leadership strength: hiring, mentoring, and developing cybersecurity professionals across multiple experience levels, including leading leaders/managers.
• Strong understanding of threat actor tracking and TTP-driven defense, and the ability to translate intelligence into practical defensive improvements (detections, controls, priorities).
• Hands-on familiarity with enterprise vulnerability management operating models, including integrating data from multiple security sources and driving risk-based remediation outcomes.
• Experience building repeatable, well-documented, auditable processes with measurable outcomes (e.g., remediation SLAs, KPIs/KRIs, risk reduction metrics).
• Ability to drive execution through influence and partnership across Security Operations, Security Engineering, Infrastructure, Application Development, Cloud, and Risk Management.
• Executive communication skills—able to deliver concise, business-relevant updates on threats, exposure, and risk posture.

Benefits

• Flex My Way: Supportive workplace policies designed to help manage personal and professional responsibilities, including work from anywhere for up to 8 weeks per year.
• Career Development and Growth: Culture of continuous learning and skill development, with programming to ensure tools and knowledge for growth.
• Industry Competitive Benefits: Comprehensive benefit plans including flexible vacation, two company-wide Mental Health Days off, access to the Headspace app, retirement savings, tuition reimbursement, and resources for wellbeing.
• Culture: Award-winning reputation for inclusion and belonging, flexibility, work-life balance, and adherence to company values.
• Social Impact: Opportunities for community impact with paid volunteer days and involvement in pro-bono consulting projects and ESG initiatives.
• Making a Real-World Impact: Helping customers pursue justice, truth, and transparency.
• Comprehensive benefits package including health, dental, vision, disability, life insurance, and a competitive 401k plan with company match.
• Additional benefits: Optional insurance, Flexible Spending and Health Savings Accounts, fitness reimbursement, Employee Assistance Program, Group Legal Identity Theft Protection, and more.