Job Description

Role Title: VP, Cyber Threat Hunt (L12)Company Overview:COMPANY OVERVIEW: Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry\'s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.We have recently been ranked #5 among India\'s Best Companies to Work for 2023, #21 under LinkedIn Top Companies in India list, and received Top 25 BFSI recognition from Great Place To Work India. We have been ranked Top 5 among India\'s Best Workplaces in Diversity, Equity, and Inclusion, and Top 10 among India\'s Best Workplaces for Women in 2022.We offer 100% Work from Home flexibility for all our Functional employees and provide some of the best-in-class Employee Benefits and Programs catering to work-life balance and overall well-being. In addition to this, we also have Regional Engagement Hubs across India and a co-working space in Bangalore.Organizational Overview:The Cyber Hunt team within Synchrony\'s Joint Security Operations Center (JSOC) conducts intelligence-prioritized proactive detection activities (cyber hunts). These complex activities are intended to surface potential unauthorized activity as well as identify opportunities to improve existing controls or validate control effectiveness.Role Summary/Purpose:The VP, Cyber Threat Hunter is responsible for utilizing advanced threat hunting techniques, tools, and methodologies to proactively detect and respond to cyber threats before they escalate into significant incidents. As a senior threat hunter, the ideal candidate will possess an intricate understanding of attacker tradecraft, enabling them to conceive original hunt ideas aligned with the evolving tactics, techniques, and procedures (TTPs) of adversaries. Moreover, the candidate will play a critical role during complex cyber intrusions and must possess strong incident response skillsets. The VP, Cyber Threat Hunter will be an inquisitive and curious critical thinker possessing prior threat intelligence, threat hunting, incident response, forensics, and information security (IS) experience which will lend further mentorship to junior analyst.Key Responsibilities:Design and execute strategic, hypothesis-based, Cyber Threat Hunts, to include initial research, hypothesis drafting, hunt execution, and documentation of technical findings mapped to business impact and effectively communicated to relevant stakeholders.Regularly consume technical intelligence reports and open-source research to facilitate and inform regular contributions to the overall cyber hunt backlog.Develop original research ideas based on observations and anticipated evolution of threat actor techniques.Emulate existing and novel attacks in a controlled research environment to gain key insights into telemetry and detection opportunities.Strong ability to lead technical analysis workstreams during complex cyber intrusions.Provide counsel to Cyber Threat Hunt and JSOC Leadership team regarding vendors, technologies, and special projects, and interact with suppliers to ensure appropriateness of Cyber Hunt and Detection tools and their configuration.Leverage one or more scripting languages or automated techniques to go from raw log data to enriched true positive findings.Mentor and upskill junior team members across cyber operations through coaching collaboration and leadership.Interface with industry peers to acquire and share Cyber Hunt best-practices in the sectorPerform other duties and/or special projects as assigned.Required Skills/Knowledge:Bachelor\'s degree with Minimum 10 years of Information Technology experience, or in lieu of a degree 12 years of Information Technology experienceMinimum of 7 years in a technical role in the areas of Security Operations, Threat Hunting, Detection Engineering, Incident Response, Technical Threat Intelligence or Offensive SecurityApplied knowledge of MITRE ATT&CK and common TTPsGeneral knowledge of operating system internals and underlying componentsDesired Skills/Knowledge:Experience in one or more cloud environmentsExperience with enterprise logging technologiesExperience and familiarity with analytic standards and tradecraftStrong oral and written communications skillsExpertise to clearly define complex issues despite incomplete or ambiguous informationKnowledge of scripting languages, API functionality, and data access methodologies.One or more relevant security certifications (GCIH, GCIA, GCFE, GCFA, SANS, or comparable)Eligibility Criteria:
Bachelor\'s degree with Minimum 10 years of Information Technology experience, or in lieu of a degree 12 years of Information Technology experienceWork Timings:(WORK TIMINGS: This role qualifies for Enhanced Flexibility and Choice offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time - 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs. Please discuss this with the hiring manager for more details.)For Internal Applicants:Understand the criteria or mandatory skills required for the role, before applyingInform your manager and HRM before applying for any role on WorkdayEnsure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)Must not be any corrective action plan (First Formal/Final Formal, PIP)L10+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.L10+ Employees can applyGrade/Level:12Job Family Group: Information Technology

Synchrony