Listing Description
Role Summary/Purpose:
provide intelligence support to detection, incident response, and threat hunting. CTI monitors, collects, analyzes & reports on a wide range of threats to the firm’s information systems, enabling prevention and detection of risks/events and informed business decisions. The ideal candidate will possess CTI and Information Security (IS) expertise.
Essential Responsibilities:
• Support the Cyber Incident Response (CIRT) and Detection Teams; provide intelligence support during incident response and alert investigations.
• Provide timely Intel support to operators/investigators, but also directly assisting and/or executing investigative actions.
• Support to Threat Hunting; provide threat actor profiles technical intelligence support to the Hunt team.
• Provide guidance and suggestion for specific Hunt Mission operations, and assist in their execution when needed.
• Enhance security monitoring and incident response team knowledge to support their respective missions. Work with team members to enhance security monitoring tools with contextual information.
• Consume both qualitative and quantitative data sources to produce research and intelligence products to support customer needs.
• Identify new threat tactics, techniques and procedures used by cyber threat actors. Publish actionable threat intelligence products.
• Acquire threat intelligence and technical indicators from external sources; develop tactical intelligence and technical indicators internally.
• Interface with industry peers, government and law enforcement organizations as appropriate to acquire and share threat intelligence information.
• Provide expertise and counsel to management, other organizations, and special project personnel
• Collaborate with management in developing technical directions, setting objectives, and setting realistic and challenging goals
• Perform other duties and/or special projects as assigned
Qualifications/Requirements:
• Bachelor's degree in computer science or a related discipline, or equivalent work experience required, advanced degree preferred.
• 3-5 years of experience in industry information security or related technology experience required, experience in the financial services industry required.
• Minimum three years of cyber security and threat intelligence experience
• Experience in analysis of large data sets for the purpose of identifying malicious activity.
• Experience and/or understand of malware analysis.
• Understanding of the cyber kill chain and threat intelligence lifecycle. Understanding of cyber- tactics, technologies, and procedures to counter attacks and threats.
• Knowledge of incident response, crisis management, vulnerabilities management, detection, and hunting
• Strong technical knowledge of scripting languages and data access methodologies such as SQL a plus.
Desired Characteristics:
• Experience using a threat intelligence platform
• Experience in the financial services sector.
• Cyber security and threat intelligence experience
• US Government Security Clearance
• Awareness of the latest cyber security trends and developments
• Detailed understanding of Cyber Crime, Hacktivist, APT and Insider Threat associated tactics
• CISSP, CISM or related SANs certifications
• Strong analytical & evaluative thinking
• Excellent consulting skills and superior ability to develop and maintain effective client relationships
Eligibility Requirements:
• You must be 18 years or older
• You must have a high school diploma or equivalent
• You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the selection process
• You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
• If currently a Synchrony Financial Employee, you must have been in your current position for at least 6 months (Level 4 – 7) or 24 months (level 8 or greater), have at least a "consistently meets expectations" performance rating and have the approval of your manager to post (or the approval of your manager and HR to apply if you don't meet the time-in-job or performance requirement
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Reasonable Accommodation Notice:
• Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
• If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.• Support the Cyber Incident Response (CIRT) and Detection Teams; provide intelligence support during incident response and alert investigations.
• Provide timely Intel support to operators/investigators, but also directly assisting and/or executing investigative actions.
• Support to Threat Hunting; provide threat actor profiles technical intelligence support to the Hunt team.
• Provide guidance and suggestion for specific Hunt Mission operations, and assist in their execution when needed.
• Enhance security monitoring and incident response team knowledge to support their respective missions. Work with team members to enhance security monitoring tools with contextual information.
• Consume both qualitative and quantitative data sources to produce research and intelligence products to support customer needs.
• Identify new threat tactics, techniques and procedures used by cyber threat actors. Publish actionable threat intelligence products.
• Acquire threat intelligence and technical indicators from external sources; develop tactical intelligence and technical indicators internally.
• Interface with industry peers, government and law enforcement organizations as appropriate to acquire and share threat intelligence information.
• Provide expertise and counsel to management, other organizations, and special project personnel
• Collaborate with management in developing technical directions, setting objectives, and setting realistic and challenging goals
• Perform other duties and/or special projects as assigned
Listing Details
- Salary: $110000 - $130000
- Citizenship: Us Citizen
- Incentives: Bonus
- Education: Bachelors Degree
- Travel: No Travel
- Telework: Optional Telecommute