Manager, Detection and Response

Employer
  • Synchrony Financial

Job Description

Role Summary/Purpose:

The Manager, Detection and Response is part of the Synchrony Joint Security Operations Center (JSOC) and is responsible for being a subject matter expert in cyber detection of information security alerts and assisting in the investigation/reporting of major information security incidents supporting all business units. The candidate would have a management position focused on the detection and response program operation consisting of detection, response, mitigation, and reporting of cyber security incidents; documenting and implementing the rotation schedule and assignments for handling escalated incidents. The candidate is expected to have a strong understanding of both traditional on-premise security and cloud management plane (also known as cloud control plane) security.

This position is remote, where you have the option to work from home but with the expectation to work the Pacific Coast time zone hours of 12 - 8 pm. You may occasionally be requested to commute to our nearest office for in-person engagement activities such as team meetings, training and culture events.

Essential Responsibilities:

The JSOC coordinates with IT, Legal, Human Resources, and other appropriate business units to gather incident details, assess impact, and coordinate response. This role requires experience in all phases of Cyber Detection and Incident Response including preparation, notification, response, recovery, analysis, and post-mortem. The candidate must be familiar with communication technologies, communications protocols and emerging cloud security practices. The candidate that fulfills this role will be expected to have process documentation experience and excellent intra-business relationship experience. This role interacts with all levels of the organization, particularly within the IT organization and is viewed as a subject matter expert.  Specific responsibilities include:

  • Respond to security incidents across a wide array of technologies, mitigate and contain impacts, coordinate remediation efforts, summarize and make recommendations to Sr. Management for improvements. Security technologies utilized by the JSOC team include: Security Incident and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), Web Application Firewall (WAF), network perimeter firewall, enterprise email security, User and Entity Behavioral Analytics (UEBA), and Cloud Access Security Broker (CASB) toolsets.
  • Provide technical subject matter expertise to enable proactive detection of potential security threats and recommendations for improvements in overall security posture.
  • Work with members of the Cyber Intelligence team to develop and implement threat detection logic to counter emerging cybersecurity threats.
  • Develop and enhance Detection and Incident Response processes and procedures leveraging relationships with front line operations teams and exploiting tools and systems.
  • Document findings and create detailed reports for constituency both in written and verbal formats.
  • Enumerate risks and prioritize mitigation efforts based on clear business priorities.
  • Coordinates IT resources to effectively perform incident response tasks.
  • Acts as the subject matter expert on incident response tasks and takes responsibility for successful execution of incident response plan.
  • Performs incident response tasks to contain exposures from an incident.
  • Authors incident response reports and lessons learned to include root cause analysis.
  • Identify and recommend process improvements.

Qualifications/Requirements:

Bachelor’s degree and a minimum 3 years of work experience or Computer Science or a related discipline OR in lieu of a degree, a High School Diploma/GED and minimum 5 years equivalent work experience. Additional requirements include:

  • Minimum of 2 years of experience in information security or related technology experience required; experience in the securities or financial services industry is a plus.
  • Minimum 2 years of cyber security and incident response or security operations related to the detection, analysis, containment, eradication and recovery from cyber security incidents.

Desired Characteristics:

  • Strong verbal and written communication skills.
  • US Government Security Clearance a plus.
  • Industry certifications such as CISSP, GCIH, AWS Certified Cloud Practitioner, AWS Certified Security – Specialty, and other cybersecurity certifications are a plus.

Work Hours:

This position will work on the Joint Security Operations Center (JSOC) Fourth Shift which is an eight (8) hour workday that begins 12pm Pacific Time until 8pm Pacific Time (9am Hawaii-Aleutian Time until 5pm Hawaii-Aleutian Time | 3pm Eastern Time until 11pm Eastern Time).

The salary range for this position is 65,000.00 - 130,000.00 USD Annual

Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible.

Grade/Level: 09

Eligibility Requirements:

  • You must be 18 years or older

  • You must have a high school diploma or equivalent

  • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

  • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

  • New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles.  Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles.  Employees, level 8 or greater, must have at least 24 months’ time in position before they can post.  All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required.  We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. 

Our Commitment:

When you join us, you’ll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard—but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives are what make Synchrony truly a great place to work. Together, we’re building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 , with more than 60% of our workforce engaged, you’ll find community to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

  • Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

  • If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627.   Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time

Job Family Group:

Information Technology
