AVP, IT Security Lead Incident Analyst (L11)
We're building a different kind of company. Join us.
The Lead Incident Analyst is a subject matter expert that will primarily work within established operating procedures to respond to cyber incidents. The Incident Analyst will also be responsible for leading and working on projects that will support tactical and strategic business objectives. Demonstration of leadership abilities in a large corporate environment as well as a strong comprehension of malware, emerging threats and calculating risk will be critical to success
- Collaboration with team members as well as other Business Units, business partners, management, vendors, and external parties such as law enforcement, military, and research organizations
- Perform daily response operations, with a schedule that may involve nontraditional working hours
- Lead small to medium size projects as directed by management
- Specialize in network centric analysis utilizing a variety of tools
- Proactively hunt for adversaries on networks, utlilizing a variety of tools and techniques
- Draft communications, assessments, and reports that may be both internal and customer facing, to include leadership and executive management
- Understanding of different attacks and how best to design custom containment and remediation plans.
- As requested, deliver appropriate and accurate metrics to management
- Work independently when necessary and be self-directed when appropriate
- Work with a globally distributed team and rely heavily on electronic communication
- Relocation assistance is available for well qualified candidates.
- Bachelor’s Degree and minimum 4 years of IT experience or High School Diploma/GED and minimum of 7 years IT experience working with Anti-Virus software and handling incidents
- Minimum 3 years of experience working with Anti-Virus sorftware
- Minimum 3 years of experience handling incidents
- Minimum 3 years of experience with SIEM and/or log aggregation tools
- Minimum 3 years of experience with host-centric detection and response skills
- Experience host-centric tools or other forensic software and techniques
- Ability to identify compromised computers using logs, live response, and related computer centric evidence sources
- Working knowledge of secure communication methods, including Secure Shell, SILC, and PGP/GPG
- Programming and/or scripting skills
- Ability to speak confidently when dealing with internal constituents
- Strong oral and written communication skills
- CISSP, CISM or related SANs certifications preferred
- Strong IT infrastructure background
- You must be 18 years or older
- You must have a high school diploma or equivalent
- You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the selection process
- You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
- If currently a Synchrony Financial Employee, you must have been in your current position for at least 6 months (Level 4 – 7) or 24 months (level 8 or greater), have at least a “consistently meets expectations” performance rating and have the approval of your manager to post (or the approval of your manager and HR to apply if you don’t meet the time-in-job or performance requirement
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Reasonable Accommodation Notice:
- Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
- If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.
*Source: The Nilson Report (April, 2015, Issue #1062) – based on 2014 data.
Financial Services, consumer finance
Company Type: Public Company
Company Size: 10,001+