AVP, Information Security (L10)

Role Tile - AVP, Information Security (L10)

Company Overview:

Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.

• We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies.
• We provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being.
• We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles.

Organizational Overview:

The core functionality of JSOC team within Synchrony is to provide continuous monitoring and response to cyber threats against Synchrony, its employees, its customers and partners. We do this by developing best in class detection, response and containment capabilities through automation, orchestrations and machine learning.

Role Summary/Purpose:

The AVP,Information Security is part of the Synchrony Joint Security Operations Center (JSOC) and is responsible leading cyber detection of information security alerts and investigating/reporting of major information security incidents supporting all business units.  The candidate would have a both technical and people leadership position focused on the detection and response program operation consisting of detection, response, mitigation, reporting of cyber security incidents and conducting assignments for escalated incidents.  The candidate is expected to have a strong understanding of both traditional on-premise security and cloud management plane (also known as cloud control plane) security. As a people leader candidate will be handling the day-to-day shift operations, documenting, and implementing the rotation schedule, mentoring junior analyst in the team, and providing feedback and tracking their technical competency. 

Key Responsibilities:

The JSOC coordinates with IT, Legal, Human Resources, and other appropriate business units to gather incident details, assess impact, and coordinate response. This role requires experience in all phases of Cyber Detection and Incident Response including preparation, notification, response, recovery, analysis, and post-mortem. The candidate must be familiar with communication technologies, communications protocols and emerging cloud security practices. The candidate that fulfills this role will be expected to have process documentation experience and excellent intra-business relationship experience. This role interacts with all levels of the organization, particularly within the IT organization and is viewed as a subject matter expert. Specific responsibilities include:

• Respond to security incidents across a wide array of technologies, mitigate and contain impacts, coordinate remediation efforts, summarize and make recommendations to Sr. Management for improvements.  Security technologies utilized by the JSOC team includes: Security Incident and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), Web Application Firewall (WAF), network perimeter firewall, enterprise email security, User and Entity Behavioral Analytics (UEBA), and Cloud Access Security Broker (CASB) toolsets.
• Provide technical leadership and expertise to enable proactive detection of potential security threats and recommendations for improvements in overall security posture.
• Work with members of the Cyber Intelligence team to develop and implement threat detection logic to counter emerging cybersecurity threats.
• Develop and enhance Detection and Incident Response processes and procedures leveraging relationships with front line operations teams and exploiting tools and systems.
• Document findings and create detailed reports for constituency both in written and verbal formats.
• Enumerate risks and prioritize mitigation efforts based on clear business priorities.
• Coordinates IT resources to effectively perform incident response tasks.
• Supervises formal incident response tasks and takes responsibility for successful execution of incident response plan.
• Performs incident response tasks to contain exposures from an incident.
• Authors incident response reports and lessons learned to include root cause analysis.
• Identify and recommend process improvements.

Required Skills/Knowledge:

• Bachelor’s degree and a Minimum 8 years of cyber security and incident response or security operations related to the detection, analysis, containment, eradication and recovery from cyber security incidents OR in in lieu of a degree, a minimum 10 years equivalent work experience.  
• Experience in the securities or financial services industry is a plus.
• Experience managing SOC team in the past.
• Experience of working in high performing teams and understand the dynamics of teamwork in a SOC environment

Desired Skills/Knowledge:

• Strong verbal and written communication skills.
• Ability to perform logical problem solving.
• Industry certifications such as CISSP, GCIH, AWS Certified Cloud Practitioner, AWS Certified Security – Specialty, and other cybersecurity certifications are a plus.

Eligibility Criteria:

Bachelor’s degree and a Minimum 8 years of cyber security and incident response or security operations related to the detection, analysis, containment, eradication and recovery from cyber security incidents OR in in lieu of a degree, a minimum 10 years equivalent work experience.  

Work Timings: 7:30 AM - 4:30 PM IST or 3:30 PM - 12:30 PM IST (Rotational Shifts)

Role requires collaboration during India and US business hour overlap windows to support leadership and stakeholder discussions.

This role qualifies for Enhanced Flexibility offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time – 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs)
We are proud to offer flexibility at Synchrony. Our way of working allows you the option to work from home or workspaces in our Regional Engagement Hubs—Hyderabad, Bengaluru, Pune, Kolkata, or Delhi/NCR.
Occasionally you may be required to commute or travel to Hyderabad or one of the Regional Engagement Hubs for in person engagement activities such as business or team meetings, trainings, and culture events.

For Internal Applicants:

• Understand the criteria or mandatory skills required for the role, before applying
• Inform your manager and HRM before applying for any role on Workday
• Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)
• Must not be any corrective action plan (Formal/Final Formal LPP)
• L8+ Employees who have completed 18 months in the organization and 12 months in their current role and level are only eligible.
• Employees at L8+ can only apply for this opportunity.

Grade/Level: 10

Job Family Group: