Job Description:
Role Summary/Purpose:
The VP, Cyber Detection and Response Leader leads all Information Security aspects of the Synchrony Joint Security Operations Center (JSOC). This role fosters a culture of innovation and collaboration while maintaining steady state operations across the four JSOC teams: Cyber Hunt, Cyber Threat Operations and Response, Incident Management, and Advanced Threat Response. This individual is responsible for developing and executing the JSOC strategy and leading incident response efforts end to end, and serves as lead for the Synchrony Core Team, a cross-functional group composed of representatives from the following Synchrony departments: Information Security, Cybersecurity Counsel, Crisis Management, Corporate Affairs, Privacy, SEC Legal Securities, Service Delivery, Enterprise Operations, Source-To-Pay, and others. Finally, this individual is a Level 3 (L3) Process Owner for the Information Security Respond process.
Our Way of Working
We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.
Essential Responsibilities:
Serve as the most senior incident escalation point for the 24/7/365 JSOC. The leader will ensure steady state operations are optimally configured and measured to detect internal and external threats.
Drive daily and weekly operational calls to ensure unification of personnel.
Be an example of how to collaborate and work with other teams within Information Security, Physical Security, Fraud, and IT.
Work in coordination with other IT security functions to determine requirements and opportunities for threat detection and policy / prevention recommendations.
Support incident response activities, assisting with the artifact collection, triage and remediation processes while documenting lessons learned.
Support intelligence and hunt activities to detect advanced adversary threats.
Utilize key performance indicators to track analyst workloads as well as the efficiency of detection signatures/rules and associated monitoring technologies.
Identify potential process improvement projects and serve as a change agent through IT.
Interface with fellow team members, colleagues on the security team, business partners, management, vendors, and external parties on best practices.
Ensure IS tools and processes meet regulatory requirements.
Establish and maintain business/IS relationship.
Understand business objectives, priorities, drivers and technology focus areas.
Benchmark and implement industry best practices, such as MITRE ATT&CK and NIST CSF, to mitigate potential threats to Synchrony's digital infrastructure and operations.
Contextualize findings to Synchrony's specific business risks or vulnerabilities.
Support the design and implementation of procedures and controls necessary to ensure and protect the safety and security of all information systems assets, including prevention of intentional or inadvertent access, modification, disclosure, or destruction.
Provide subject matter expertise and counsel to management regarding vendors, technologies, and special projects.
Support the preparation of appropriate reports and communicate status and results
Collaborate with management in developing technical directions, setting objectives, and setting realistic and challenging goals
Perform other duties and/or special projects as assigned
Qualifications/Requirements:
Bachelor’s degree in Computer Engineering or related field, with a minimum of 12+ years of experience in Information Technology.
Prior cyber incident response experience and/or experience working in high tempo cyber operations environments.
Must have expertise and exposure in Content Development, Threat Intel & Hunting and SOC Continuous Monitoring.
Results driven, strategic, conceptual, and innovative thinker
Experience presenting to senior management
Highly analytical, detail-oriented, and a strong problem solver with a common-sense approach to resolving problems
Expertise to clearly define complex issues despite incomplete or ambiguous information
Strong oral and written communications skills
Strong interpersonal and critical thinking skills
Excellent consulting skills and superior ability to develop and maintain effective client relationships
Desired Characteristics:
One or more relevant security certifications (CISSP, GCIH, GCIA, GCFE, GCFA, or comparable)
Must have experience in managing an Information Security Operations Center (SOC)
Must have experience in driving strategy for detection and response capabilities
Must have expertise and exposure in SOAR, SIEM, EDR and Cloud Security tools.
Strong oral and written communication
Grade/Level: 14
The salary range for this position is 170,000.00 - 290,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.
Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.
Salaries are adjusted according to market in CA, NY Metro and Seattle.
Eligibility Requirements:
You must be 18 years or older
You must have a high school diploma or equivalent
You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Our Commitment:
When you join us, you’ll be part of an inclusive culture where your individual skills, experience, and voice are not only heard – but valued. Together, we’re building a future where we can all belong, connect, and turn ideals into action. More than 50% of our workforce is engaged in our Employee Resource Groups (ERGs), where community and passion intersect to offer a safe space to learn and grow.
This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status. We’re proud to have an award-winning culture for all.
Reasonable Accommodation Notice:
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.
Job Family Group:
Information Technology