VP, Cyber Detection and Response Leader

2 days ago Be among the first 25 applicants Role Summary / Purpose The VP, Cyber Detection and Response Leader leads all Information Security aspects of the Synchrony Joint Security Operations Center (JSOC). This role fosters a culture of innovation and collaboration while maintaining steady state operations across the four JSOC teams: Cyber Hunt, Cyber Threat Operations and Response, Incident Management, and Advanced Threat Response. This individual is responsible for developing and executing the JSOC strategy and leading incident response efforts end-to-end, and leads the Synchrony Core Team, a cross‑functional group comprising representatives from Synchrony departments: Information Security, Cybersecurity Counsel, Crisis Management, Corporate Affairs, Privacy, SEC Legal Securities, Service Delivery, Enterprise Operations, Source‑To‑Pay, and others. Finally, this individual is a Level 3 (L3) Process Owner for the Information Security Respond process. Our Way of Working We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in‑person engagement activities such as business or team meetings, training and culture events. Essential Responsibilities Most senior incident escalation point for the 24/7/365 JSOC. Drive daily and weekly operational calls to ensure unification of personnel. Act as an example of collaboration across Information Security, Physical Security, Fraud, and IT. Coordinate with other IT security functions to determine requirements and opportunities for threat detection and policy/prevention recommendations. Support incident response activities, assisting with artifact collection, triage and remediation processes while documenting lessons learned. Support intelligence and hunt activities to detect advanced adversary threats. Utilize KPIs to track analyst workloads and the efficiency of detection signatures/rules and associated monitoring technologies. Identify potential process improvement projects and serve as a change agent through IT. Interface with team members, security colleagues, business partners, management, vendors and external parties on best practices. Ensure IS tools and processes meet regulatory requirements. Establish and maintain business/IS relationships. Understand business objectives, priorities, drivers and technology focus areas. Benchmark and implement industry best practices (MITRE ATT&CK, NIST CSF) to mitigate threats. Contextualize findings to Synchrony’s specific business risks or vulnerabilities. Support design and implementation of procedures and controls to protect information system assets. Provide subject‑matter expertise and counsel to management regarding vendors, technologies and special projects. Prepare appropriate reports and communicate status and results. Collaborate with management in developing technical directions, setting objectives and realistic goals. Perform other duties and/or special projects as assigned. Qualifications / Requirements Bachelor’s degree in Computer Engineering or related field; 12+ years of experience in Information Technology. Prior cyber incident response experience and/or experience working in high‑tempo cyber operations environments. Expertise and exposure in Content Development, Threat Intelligence & Hunting, and SOC Continuous Monitoring. Results‑driven, strategic, conceptual, and innovative thinker. Experience presenting to senior management. Highly analytical, detail‑oriented, strong problem‑solving with a common‑sense approach. Expertise in clearly defining complex issues despite incomplete or ambiguous information. Strong oral and written communication skills. Strong interpersonal and critical thinking skills. Excellent consulting skills and superior ability to develop and maintain effective client relationships. Desired Characteristics One or more relevant security certifications (CISSP, GCIH, GCIA, GCFE, GCFA, or comparable). Experience managing an Information Security Operations Center (SOC). Experience driving strategy for detection and response capabilities. Expertise and exposure in SOAR, SIEM, EDR, and Cloud Security tools. Strong oral and written communication. Grade / Level The salary range for this position is 170,000.00 - 290,000.00 USD annual and is eligible for an annual bonus based on individual and company performance. Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge. Salaries are adjusted according to market in CA, NY Metro and Seattle. Eligibility Requirements Must be 18 years or older. Must have a high school diploma or equivalent. Must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process. Must satisfy Section 19 of the Federal Deposit Insurance Act. New hires (Level 4‑7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non‑exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations). Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. Our Commitment When you join us, you’ll be part of an inclusive culture where your individual skills, experience, and voice are not only heard – but valued. Together, we’re building a future where we can all belong, connect, and turn ideals into action. More than 50% of our workforce is engaged in our Employee Resource Groups (ERGs), where community and passion intersect to offer a safe space to learn and grow. Reasonable Accommodation Notice Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. Representatives are available from 8 am – 5 pm Monday to Friday, Central Standard Time. Job Family Group Information Technology #J-18808-Ljbffr