VP, Threat Intelligence Operations and Automation Leader

Responsibilities

• Lead an d set the long-term and day-to-day organizational strategies and operational rhythms for teams responsible for Digital Risk Intelligence (cyber-fraud intelligence ) , Technical Intelligence, Threat Informed Defense (cyber detection ), and Security Automation.
• D efin e and implement strategies and processes related to end-to-end detection and response activities and tradecraft that increas e the organizations ' abilit ies ;

maintain strong oversight andernance of those processes and capabilities allowing for evaluation of risks.

• Engage and partner with leaders internal to Information Security, Technology, Fraud , and across the business to identify intelligence, detection and security automation requirements .
• Supervise and set standards for intelligence analysis and production across all delivery mediums .
• Define and implement strategies and processes for identification, collection, and processing of prioritized intelligence from external and internal sources and maintain accountability for supplier-provided intelligence providers and tools.
• Establish and maintain technical workflows to identify detection and automation requirements , to prioritize related work , and to deploy content and alerting , to include methods to validate and evaluate the accuracy and continued validity of underlying detection and automation code.
• Utilize industry best practices and frameworks to adopt and / or create custom detection content and to catalog detection content in a prioritized fashion .
• Participate in cross-sector engagements to benchmark teams' capabilities, identify strategic and tactical requirements, and to increase maturity as related to cyber intelligence, cyber detection, and security automation.
• Identify and define means to measure program operations and effectiveness on a recurring and ad-hoc basis (KPI / KRI) in conjunction with direct-subordinates responsible for day-to-day operations.
• Lead engagements with suppliers directly supporting the Threat Intelligence Operations and Automation function to include evaluation and onboarding of new suppliers;

assist in budget builds.

• Maintain, revise and draft procedures and controls necessary to aid in effective risk andernance for all facets of the Threat Intelligence Operations and Automation function.
• Prioritize mentoring, leadership, and administrative management of assigned personnel to include goal setting, feedback, and performance evaluation.
• Perform other duties and / or special projects as assigned.

Qualifications / Requirements :

• Bachelor's degree inputer Engineering or related field, with a minimum of 7 years of experience in Information Technology or in lieu of Bachelor's degree, High School diploma and 10 years of Information Technology experience Prior cyber intelligence , detection and security automation experience
• Prior cyber incident response experience and / or experience working in high tempo cyber operations environments.
• Results driven, strategic, conceptual, and innovative thinker.
• Experience presenting to senior management.
• Highly analytical, detail-oriented, and strong problem solving with amon-sense approach to resolving problems.
• Expertise to clearly defineplex issues despite iplete or ambiguous information.
• For internal Synchrony applicants, a minimum of 18 months inpany and 12 months in current role is a must . Employees in active CAP / PIP are not eligible to apply for the role.

Employees with performance rating of CT or OC are only eligible.

Desired Characteristics :

• One or more relevant security certifications (CISSP, SANS GIAC, GPEN, GCIA, etc.)
• Deep knowledge and experience with detection content creation and tuning as related to SIEM, UEBA, NGAV / EDR, IDS / IPS, DLP and other detection technologies
• Experience with SOAR and other automation platforms
• Experience with Cloud detection and response activities and technologies
• Experience performing cyber threat analysis, detection engineering, threat hunting and incident response.
• Understanding of industry intelligence, detection and response frameworks including MITRE ATT&CK
• Knowledge of crisis management, threat modeling, vulnerabilities management and application security
• Strong technical knowledge of scripting languages and data access methodologies
• USernment Security Clearance
• Strong oral and writtenmunications skills
• Strong analytical and evaluative thinking
• Strong Interpersonal and leadership skills
• Excellent consulting skills and superior ability to develop and maintain effective client relationships
• Proven experience with program and project management methodologies , specifically Agile, and a solid track record of delivering business value

Grade / Level : 14

The salary range for this position is 170, - 290, USD Annual and is eligible for an annual bonus based on individual andpany performance.

Actualpensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements :

• You must be 18 years or older
• You must have a high school diploma or equivalent
• You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
• You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
• N ew hires (Level 4-7) must have 9 months of continuous service with thepany before they are eligible to post on other roles.

Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles.

Employees, level 8 or greater, must have at least 18 months' time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance expectations).

Legal authorization to work in the is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Ourmitment :

When you join us, you'll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard-but valued.

We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work.

Together, we're building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+ , with more than 60% of our workforce engaged, you'll findmunity to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Amodation Notice :

Federal law requires employers to provide reasonable amodation to qualified individuals with disabilities. Please tell us if you require a reasonable amodation to apply for a job or to perform your job.

Examples of reasonable amodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

If you need special amodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627.

Representatives are available from 8am - 5pm Monday to Friday, Central Standard Time

Job Family Group :

Information Technology Job ID E2402640-19