AVP, IT Security Lead Incident Analyst (L11)

Full Time
Chicago, IL
Areas of Interest: Incident Response
Engage with what's next.
We're building a different kind of company. Join us.

The Lead Incident Analyst is a subject matter expert who will primarily work within established operating procedures to respond to cyber incidents. The Incident Analyst will also be responsible for leading and working on projects that support tactical and strategic business objectives. Demonstrated leadership ability in a large corporate environment, as well as a strong comprehension of malware, emerging threats and risk calculation, will be critical to success.

Essential Responsibilities:

  • Collaboration with team members as well as other Business Units, business partners, management, vendors, and external parties such as law enforcement, military, and research organizations
  • Perform daily response operations, with a schedule that may involve nontraditional working hours
  • Lead small to medium size projects as directed by management
  • Specialize in network centric analysis utilizing a variety of tools
  • Proactively hunt for adversaries on networks, utilizing a variety of tools and techniques
  • Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management 
  • Understanding of different attacks and how best to design custom containment and remediation plans.
  • As requested, deliver appropriate and accurate metrics to management
  • Work independently when necessary and be self-directed when appropriate
  • Work with a globally distributed team and rely heavily on electronic communication
  • Relocation assistance is available for well qualified candidates.


  • Bachelor’s Degree and minimum 4 years of IT experience or High School Diploma/GED and minimum of 7 years IT experience working with Anti-Virus software and handling incidents
  • Minimum 3 years of experience working with Anti-Virus software
  • Minimum 3 years of experience handling incidents
  • Minimum 3 years of experience with SIEM and/or log aggregation tools
  • Minimum 3 years of experience with host-centric detection and response skills

Desired Characteristics: 

  • Experience with host-centric tools or other forensic software and techniques
  • Ability to identify compromised computers using logs, live response, and related computer centric evidence sources
  • Working knowledge of secure communication methods, including Secure Shell, SILC, and PGP/GPG
  • Programming and/or scripting skills
  • Ability to speak confidently when dealing with internal constituents
  • Strong oral and written communication skills
  • CISSP, CISM or related SANS certifications preferred
  • Strong IT infrastructure background

Eligibility Requirements:

  • You must be 18 years or older
  • You must have a high school diploma or equivalent
  • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the selection process
  • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
  • If currently a Synchrony Financial Employee, you must have been in your current position for at least 6 months (Level 4 – 7) or 24 months (Level 8 or greater), have at least a “consistently meets expectations” performance rating and have the approval of your manager to post (or the approval of your manager and HR to apply if you don’t meet the time-in-job or performance requirement)

Legal authorization to work in the U.S. is required.  We will not sponsor individuals for employment visas, now or in the future, for this job opening. 


All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. 

Reasonable Accommodation Notice:

  • Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
  • If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627.   Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.

Synchrony Financial

Engage with us.
Synchrony Financial (NYSE: SYF) is one of the nation’s premier consumer financial services companies. Our roots in consumer finance trace back to 1932, and today we are the largest provider of private label credit cards in the United States based on purchase volume and receivables.* We provide a range of credit products through programs we have established with a diverse group of national and regional retailers, local merchants, manufacturers, buying groups, industry associations and healthcare service providers to help generate growth for our partners and offer financial flexibility to our customers. Through our partners’ over 350,000 locations across the United States and Canada, and their websites and mobile applications, we offer our customers a variety of credit products to finance the purchase of goods and services. Synchrony Financial (formerly GE Capital Retail Finance) offers private label and co-branded Dual Card™ credit cards, promotional financing and installment lending, loyalty programs and FDIC-insured savings products through Synchrony Bank.

*Source: The Nilson Report (April, 2015, Issue #1062) – based on 2014 data.

Financial Services, consumer finance
Company Industry: Financial Services
Company Type: Public Company
Company Size: 10,001+