AVP, Detection and Incident Responder (L10)

Hyderabad IN, India

Synchrony


Job Description:

Role Title: AVP, Detection and Incident Responder (L10)

COMPANY OVERVIEW:

Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.

  • We have recently been ranked #2 among India’s Best Companies to Work for 2023, #21 under LinkedIn Top Companies in India list, and received Top 25 BFSI recognition from Great Place To Work India. We have been ranked Top 5 among India’s Best Workplaces in Diversity, Equity, and Inclusion, and Top 10 among India’s Best Workplaces for Women in 2022.

  • We offer 100% Work from Home flexibility for all our Functional employees and provide some of the best-in-class Employee Benefits and Programs catering to work-life balance and overall well-being. In addition to this, we also have Regional Engagement Hubs across India and a co-working space in Bangalore.

Organizational Overview:
The mission of the Synchrony Cybersecurity Joint Security Operations Center (JSOC) is to rapidly detect, assess and respond to cyber threats against Synchrony, its employees, its customers and partners.  The Cybersecurity JSOC team is within the Cyber Operations organization and works closely with the Insider Risk Management team and the Threat Intelligence, Operations & Automations team.

Role Summary/Purpose:

The AVP, Detection and Incident Responder is part of the Synchrony Joint Security Operations Center (JSOC) and is responsible for leading cyber detection of information security alerts and investigating/reporting of major information security incidents supporting all business units. The candidate would have a leadership position focused on the detection and response program operation consisting of detection, response, mitigation, and reporting of cyber security incidents; documenting and implementing the shift rotation schedule and assignments for handling escalated incidents. The candidate is expected to have a strong understanding of both traditional on-premise security and cloud management plane (also known as cloud control plane) security.

Key Responsibilities:

  • Respond to security incidents across a wide array of technologies, mitigate and contain impacts, coordinate remediation efforts, summarize and make recommendations to Sr. Management for improvements. Security technologies utilized by the JSOC team include: Security Incident and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), Web Application Firewall (WAF), network perimeter firewall, enterprise email security, User and Entity Behavioral Analytics (UEBA), and Cloud Access Security Broker (CASB) toolsets.

  • Provide technical leadership and expertise to enable proactive detection of potential security threats and recommendations for improvements in overall security posture.

  • Work with members of the Cyber Intelligence team to develop and implement threat detection logic to counter emerging cybersecurity threats.

  • Document findings and create detailed reports for the constituency in both written and verbal formats.

  • Identify and recommend process improvements.

Required Skills/Knowledge:

  • Strong verbal and written communication skills.

  • People Leadership: The Leader must have a demonstrated history of leading cybersecurity professionals and be able to administer to one or more Leadership Philosophies to drive the continual development and maturity of the cybersecurity JSOC India team.

  • Ability to perform logical problem solving.

  • Experience working in high-performing teams and an understanding of the dynamics of teamwork in a SOC environment.

  • Industry certifications such as CISSP, GCIH, AWS Certified Cloud Practitioner, AWS Certified Security – Specialty, and other cybersecurity certifications are a plus.

Desired Skills/Knowledge:

  • Results driven, strategic, conceptual, and innovative thinker.

  • Experience presenting to senior management.

  • Highly analytical, detail-oriented, and strong at problem solving, with a common-sense approach to resolving problems.

  • Expertise to clearly define complex issues despite incomplete or ambiguous information.

Eligibility Criteria:

  • Bachelor's degree in Computer Engineering or related field, or equivalent in any computer science discipline, with a minimum of 7 years of overall work experience or, in lieu of a degree, 9 years of work experience.

  • Minimum 5 years of cyber security and incident response or security operations related to the detection, analysis, containment, eradication and recovery from cyber security incidents.

Work Timings:

This role is responsible for leading a Cybersecurity Operations team; work hours vary based on the shift schedule. The two primary shift schedules are Mornings (7:30AM IST to 4:30PM IST) and Afternoons (3:30PM IST until 12:30AM IST). Occasional on-call hours are pre-coordinated to support weekend security alert escalations, and occasionally (maybe once every 3 months) they would be on call during the weekend.

For Internal Applicants:

  • Understand the criteria or mandatory skills required for the role, before applying

  • Inform your manager and HRM before applying for any role on Workday

  • Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)

  • Must not be on any corrective action plan (First Formal/Final Formal, PIP)

  • L8+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.

  • L08+ Employees can apply

Level / Grade : 10

Job Family Group:

Information Technology
