VP, Insider Risk Management Leader

at Synchrony in Chicago, Illinois, United States

Job Description

Job Description:

Role Summary/Purpose:

The Insider Risk Management Leader is responsible for leading efforts to identify and reduce cyber insider risks to Synchrony. The Leader sets the strategy, processes, and governance, for a team of analysts responsible for developing methodologies to identify and detect areas of insider risk and for the conduct of insider investigations supporting cross-business stakeholders including those in information security, physical security, Legal, and Human Resources. Additionally, the Leader is responsible for maintenance and execution of Synchrony’s eDiscovery capabilities and forensics activities supporting insider investigations and Legal requirements. The leader is a senior-practitioner, capable of effectively interacting with senior leaders across the company and motivated to mentor colleagues in Insider Risk and investigations tradecraft.

We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.

Essential Responsibilities:

+ Oversee the end-to-end process of investigating data-loss-prevention (DLP) alerts and stakeholder provided cases requiring cyber-investigative support. The leader is responsible for proper intake, investigation (to include employee interviews as necessary), documentation, and provision of outcomes to stakeholders.

+ Oversee analysts responsible for DLP alert review, disposition, and escalation; aid in design of DLP alerting strategies.

+ Provide governance of Synchrony’s Insider Risk program, to include leadership of the Insider Risk Working Group and Steering Committee.

+ Interface with, and satisfy requirements from, senior stakeholders across the business who require Insider Risk Management support to include those in Legal (including Ombuds), Human Resources, Physical Security, and Information Security.

+ Advise on user and entity behavioral detection methods and use-cases for implementation by partner Cyber Operations teams.

+ Identify areas of insider risk and escalate identified risks through proper forums allowing for documentation and remediation.

+ Responsible for maintaining operational capability of eDiscovery and forensics platforms to ensure their availability and for responding to customer requests for eDiscovery and forensics support.

+ Provide expert counsel and specialized resources, in such areas as artifact collection and forensics, during cyber incident response activities.

+ Identify opportunities for process and capability improvements utilizing technology and automation. Levy formal and technically comprehensive requirements allowing for evaluation and execution.

+ Provide mentorship, training and oversight to direct reports, ensuring high-quality team deliverables and enabling career and technical growth of subordinates.

+ Advise on Cyber Operations budget.

+ Perform other duties and/or special projects as assigned.

Qualifications/Requirements:

+ Bachelor’s degree in Computer Engineering or related field, with a minimum of 7 years of experience in Information Technology or in lieu of Bachelor’s degree, High School diploma and 10 years of Information Technology experience

+ Prior experience conducting human interviews in person and over the phone.

+ Prior experience conducting or leading forensics investigations.

+ Prior experience developing executive-level presentations and speaking to large groups.

+ Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems.

+ For internal Synchrony applicants, a minimum of 18 months in company and 12 months in current role is a must. Employees in active CAP/PIP are not eligible to apply for the role. Employees with performance rating of CT or OC are only eligible.

Desired Characteristics:

+ One or more relevant security certifications (SANS GCIH, GCIA, GCFE, GCFA, or comparable)

+ Prior experience supporting investigations teams or law enforcement

+ Currently hold or have previously held a Security Clearance

+ Must have expertise and exposure in SOAR, DLP, UEBA, SIEM, and Forensics Tooling

+ Must have experience in performing forensics on on-prem systems and public cloud (e.g., AWS, Azure, GCP)

+ Strong interpersonal and critical thinking skills.

Grade/Level: 14

The salary range for this position is 170,000.00 – 290,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements:

+ You must be 18 years or older

+ You must have a high school diploma or equivalent

+ You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

+ You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

+ New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Our Commitment:

When you join us, you’ll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard-but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we’re building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+ (https://www.synchronycareers.com/our-culture/#diversity) , with more than 60% of our workforce engaged, you’ll find community to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

+ Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

+ If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time

Job Family Group: