Vice President, Cyber Threat Center

Shape the Future with Dun & Bradstreet At Dun & Bradstreet, we believe data has the power to create a better tomorrow. As a global leader in business decisioning data and analytics, we help companies worldwide grow, manage risk, and innovate. For over 180 years, businesses have trusted us to turn uncertainty into opportunity. We’re a diverse, global team that values creativity, collaboration, and bold ideas. Are you ready to make an impact and help shape what’s next? Join us! Explore opportunities at dnb.com/careers. The Vice President of Cyber Threat Center (CTC) is a senior leader within D&b’s Global Security & Risk team responsible for leading a global, 24x7 capability that protects the enterprise from cyber threats. The Vice President of Cyber Threat Center oversees four integrated pillars, Security Operations & Incident Response (SOC/IR), Detection Engineering & Automation, Threat Intelligence, and Vulnerability & Exposure Management, to drive proactive defense, rapid incident containment, and continuous risk reduction. The VP will set strategy and vision, establish outcome-based metrics (e.g., MTTD/MTTR, exposure reduction, detection coverage), advance automation and engineering rigor, and partner across Technology, Risk, Legal, and the Business to safeguard the organization at scale. This role can be based in Center Valley, PA, Austin, TX, or Jacksonville, FL. Key Responsibilities Set Strategy & Operating Model - Define and execute the multi‑year Cyber Threat Center strategy and global follow‑the‑sun model, including org design, talent plan, and partner ecosystem. Lead 24x7 SOC & Incident Response - Oversee monitoring, triage, investigation, and response; act as executive incident commander for material events with strong crisis communications. Detection Engineering (Detection-as-Code) - Govern a detection-as-code program (CI/CD, testing, version control), map coverage to MITRE ATT&CK, and maintain a detection registry. Scale Automation & Orchestration - Drive SOAR and custom automations for enrichment and response; increase automation coverage and reduce MTTD/MTTR and analyst toil. Direct Threat Intelligence (CTI) - Set PIRs, run collection and analysis, deliver actionable intel products, and convert TTPs into detections; collaborate with ISACs and law enforcement. Own Vulnerability & Exposure Management - Lead threat-based VM across infrastructure, cloud/containers/K8s, and SaaS; enforce remediation SLAs and deliver unified exposure views. Establish Metrics & Executive Reporting - Define OKRs/KPIs (e.g., MTTD/MTTR, detection coverage, exposure reduction) and communicate outcomes, risks, and trends to senior leadership and the Board. Ensure Readiness & Resilience - Maintain IR plans, playbooks, and crisis processes; run tabletop/purple‑team exercises; oversee DFIR, malware analysis, and evidence handling. Partner on AI, Architecture, Identity & Cloud Security - Influence roadmaps (zero trust, logging/telemetry standards) and align controls with frameworks/regulations (NIST/ISO/PCI/GDPR, etc.). Understand risks to AI and the detection and response lifecycle related to AI threats. Manage Technology, Vendors & Budget - Rationalize tooling for capability and cost efficiency; manage contracts, outcomes‑based engagements, third‑party integration, and M&A onboarding. Build High‑Performance Teams & Culture - Recruit, develop, and mentor global leaders; drive efficiency, continuous learning, and clear planning. Skills and/or Certifications Needed 12–15+ years of progressive cybersecurity experience with 7+ years leading large, global teams across two or more of: SOC/IR, Detection Engineering/Automation, CTI, and Vulnerability/Exposure Management. Proven executive leadership in 24x7 operations, major incident command, and cross‑functional crisis management. Demonstrated success building engineering‑centric programs (detection‑as‑code, CI/CD for detections, telemetry pipelines, SOAR automation) and driving measurable outcomes. Experience operating at enterprise scale (multi‑cloud, hybrid, distributed workforce) and in regulated industries. Hands‑on familiarity with modern stacks and patterns (examples): SIEM/XDR: Splunk, Chronicle, Microsoft, CrowdStrike, SentinelOne SOAR/Automation: XSOAR, Tines, Swimlane, custom orchestrations Threat Intel/TIP: Recorded Future, Anomali, MISP Vulnerability/Exposure: Tenable, Qualys, Rapid7, Wiz, ASM/CSPM Cloud & Containers: GCP/AWS/Azure; Kubernetes, GKE/EKS/AKS Experience with red/purple teaming and detection engineering mapped to MITRE ATT&CK. Background managing budgets ($MM), vendor ecosystems, and outcomes‑based contracts. Benefits We Offer Generous paid time off in your first year, increasing with tenure. Up to 16 weeks 100% paid parental leave after one year of employment. Paid sick time to care for yourself or family members. Education assistance and extensive training resources. Do Good Program: Paid volunteer days & donation matching. Competitive 401k with company matching. Health & wellness benefits, including discounted Wellhub membership rates. Medical, dental & vision insurance for you, spouse/partner & dependents. Equal Employment Opportunity (EEO) Dun & Bradstreet provides equal employment opportunities to applicants and employees without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law. Know Your Rights: Workplace Discrimination is Illegal - The current poster can be found here. We participate in E-Verify - The current poster can be found here. Accommodations information for applicants with disabilities Dun & Bradstreet is committed to providing reasonable accommodation to, among others, individuals with disabilities and disabled veterans. If you need an accommodation because of a disability to search and apply for a career opportunity with Dun & Bradstreet, please send an e‑mail to View email address on click.appcast.io to let us know the nature of your accommodation request and your contact information. #J-18808-Ljbffr