Job Description:

Role Summary/ Purpose:

The VP, Threat Intelligence Operations and Automation Leader is responsible for leading the strategy and operations of Cyber Intelligence, Threat Informed Defense, and Security Automation programs supporting Cyber Operations and Information Security. The Leader is responsible for strategy, operational oversight, and governance of all aspects of cyber threat intelligence-to include ensuring Synchrony's cyber detection program is properly aligned and responsive to cyber threats- the design and deployment of detection content, and for security automation supporting the 24x7 Joint Security Operations Center (JSOC) and other Information Security automation requirements The ideal candidate will possess deep technical understanding of threat intelligence, cyber-fraud, cyber detection, security automation, and how to best service intelligence, detection, and automation requirements of a 24x7 security operations and incident response center.

We're proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.

Essential Responsibilities:

Lead and set the long-term and day-to-day organizational strategies and operational rhythms for teams responsible for Digital Risk Intelligence (cyber-fraud intelligence), Technical Intelligence, Threat Informed Defense (cyber detection), and Security Automation.

Define and implement strategies and processes related to end-to-end detection and response activities and tradecraft that increase the organizations' abilities; maintain strong oversight and governance of those processes and capabilities allowing for evaluation of risks.

Engage and partner with leaders internal to Information Security, Technology, Fraud, and across the business to identify intelligence, detection and security automation requirements.

Supervise and set standards for intelligence analysis and production across all delivery mediums.

Define and implement strategies and processes for identification, collection, and processing of prioritized intelligence from external and internal sources and maintain accountability for supplier-provided intelligence providers and tools.     

Establish and maintain technical workflows to identify detection and automation requirements, to prioritize related work, and to deploy content and alerting, to include methods to validate and evaluate the accuracy and continued validity of underlying detection and automation code.

Utilize industry best practices and frameworks to adopt and/or create custom detection content and to catalog detection content in a prioritized fashion.

Participate in cross-sector engagements to benchmark teams' capabilities, identify strategic and tactical requirements, and to increase maturity as related to cyber intelligence, cyber detection, and security automation.

Identify and define means to measure program operations and effectiveness on a recurring and ad-hoc basis (KPI/KRI) in conjunction with direct-subordinates responsible for day-to-day operations.

Lead engagements with suppliers directly supporting the Threat Intelligence Operations and Automation function to include evaluation and onboarding of new suppliers; assist in budget builds.

Maintain, revise and draft procedures and controls necessary to aid in effective risk and governance for all facets of the Threat Intelligence Operations and Automation function.

Prioritize mentoring, leadership, and administrative management of assigned personnel to include goal setting, feedback, and performance evaluation.

Perform other duties and/or special projects as assigned.

Qualifications/ Requirements:

Bachelor's degree in Computer Engineering or related field, with a minimum of 7 years of experience in Information Technology or in lieu of Bachelor's degree, High School diploma and 10 years of Information Technology experience Prior cyber intelligence, detection and security automation experience

Prior cyber incident response experience and/or experience working in high tempo cyber operations environments.

Results driven, strategic, conceptual, and innovative thinker.

Experience presenting to senior management.

Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems.

Expertise to clearly define complex issues despite incomplete or ambiguous information.

For internal Synchrony applicants, a minimum of 18 months in company and 12 months in current role is a must. Employees in active CAP/PIP are not eligible to apply for the role. Employees with performance rating of CT or OC are only eligible.

Desired Characteristics:

One or more relevant security certifications (CISSP, SANS GIAC, GPEN, GCIA, etc.)

Deep knowledge and experience with detection content creation and tuning as related to SIEM, UEBA, NGAV/EDR, IDS/IPS, DLP and other detection technologies

Experience with SOAR and other automation platforms

Experience with Cloud detection and response activities and technologies

Experience performing cyber threat analysis, detection engineering, threat hunting and incident response.

Understanding of industry intelligence, detection and response frameworks including MITRE ATTCK

Knowledge of crisis management, threat modeling, vulnerabilities management and application security

Strong technical knowledge of scripting languages and data access methodologies

US Government Security Clearance

Strong oral and written communications skills

Strong analytical and evaluative thinking

Strong Interpersonal and leadership skills

Excellent consulting skills and superior ability to develop and maintain effective client relationships

Proven experience with program and project management methodologies, specifically Agile, and a solid track record of delivering business value

Grade/Level: 14

The salary range for this position is 170,000.00 - 290,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements:

You must be 18 years or older

You must have a high school diploma or equivalent

You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months' time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Our Commitment:

When you join us, you'll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard-but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we're building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+ (https://www.synchronycareers.com/our-culture/#diversity) , with more than 60% of our workforce engaged, you'll find community to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am - 5pm Monday to Friday, Central Standard Time

Job Family Group:

Information Technology