AVP, SecDevOps Senior Developer (L10)

Job Description:

Role Title : AVP, SecDevOps Senior Developer (L10)

Company Overview:

Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.

• We have recently been ranked #2 among India’s Best Companies to Work for 2024, #21 under LinkedIn Top Companies in India list, and received Top 25 BFSI recognition from Great Place To Work India. We have been ranked Top 2 among India’s Best Workplaces in Diversity, Equity, and Inclusion, and Top 10 among India’s Best Workplaces for Women in 2022.

• We offer 100% Work from Home flexibility for all our Functional employees and provide some of the best-in-class Employee Benefits and Programs catering to work-life balance and overall well-being. In addition to this, we also have Regional Engagement Hubs across India and a co-working space in Bangalore.

Organizational Overview:

This role is part of the Threat Informed Defense organization, responsible for researching, developing, and maintaining cyber detection capabilities. The team also manages and sources Technical Intelligence, leveraging it to enhance and refine detection methods and defenses against relevant threats. Additionally, it collaborates with the SOC Function (JSOC) and other partners to deliver high-fidelity security alerts, safeguarding Synchrony from cyber threats.
 

Role Summary/Purpose:

The role of the SecDevOps Senior Developer involves developing and maintaining automated processes that help to minimize cyber risk by improving the organization's ability to identify and respond to threats in an efficient manner. The team-member will partner with members of cyber operations, information security and the larger business to identify automation use-cases that they will then design, develop, and implement. Ideal candidates will have strong DevOps skill sets with knowledge of cyber detection concepts/strategies and security tools. More so, the ideal candidate will be capable of critical thinking and problem solving with a customer-first attitude.

This is an IC role and position is remote, where you have the option to work from home. On occasion we may request for you to commute to our nearest office for in person engagement activities such as team meetings, training and culture events. To ensure the safety of our colleagues and communities, we require employees who come together in-person to be fully vaccinated. We’re proud to offer you choice and flexibility.

Key Responsibilities:

• Exhibit expertise in promptly identifying evolving cyber intelligence, testing Tactics, Techniques, and Procedures (TTPs) within a secure lab setting, and developing custom detection content to address identified gaps.

• Demonstrate a forward-thinking approach to prioritize and refine a backlog of detection content, leveraging Agile methodologies to ensure proper resource allocation and timely execution of high-priority initiatives. 

• Proactively identify emerging cyber threats, conducting thorough assessments to gauge their potential impact on Synchrony. 

• Experience and comfort with detection strategies and implementations in multiple OS (Windows, MacOS, Linux) and with cloud-based architectures (Amazon Web Services and Microsoft Azure). 

• Foster cross-functional collaboration with CyberOps teams, contributing to the enhancement of detection alerting strategies. This includes spearheading initiatives such as designing detection pipelines, refining alert mechanisms, and optimizing existing alerting processes. 

• Develop a deep understanding of Synchrony's cyber tool ecosystem, enabling informed recommendations for strengthening control mechanisms and fortifying defenses against potential cyber threats. 

• Coordinate with Information Security teammates to manage and optimize detection content
  and alerting logic for key systems including security information and event management
  (SIEM), intrusion detection/prevention (IDS/IPS), Next Generation AV (NGAV), Endpoint Detection and Response (EDR), User Entity and Behavior Analytics (UEBA) platform amongst other core security tools. Assist in creation and implementation.

• Design, develop, and deploy applications and services on AWS cloud infrastructure, ensuring that they are secure, scalable, and highly available.

• Develop and maintain custom security apps and tools via python web development.

• Ability to automate tasks with APIs and serverless scripting.

• Reviewing, debugging, and resolving technical issues throughout the SDLC.

• Design and implement automated security solutions for AWS cloud infrastructure.

• Develop and maintain security automation scripts and tools.

• Perform cleanup and sanitation of incoming log sources and events.

• Keeping up with the latest and greatest tools and techniques for combating security threats.

• Partner with technology leaders in adherence to technology strategy and roadmap.

• Support the day-to-day operations of the Security Operations program.

• Maintain knowledge of current security trends and be able to clearly communicate them to the team.

• Assist in responding to emergency situations and security incidents.

Required Skills/Knowledge:

• Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience.

• Able to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means. 

• Demonstrated competence in Python and Splunk Search Processing Language (SPL).

• Demonstrated competence in Agile methodologies.

• Demonstrated competence in developing and securing AWS services.

• Demonstrated competence in developing automation solutions for the triage and response of AWS Cloud security events.

• Able to communicate complex information, concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.

• Able to function effectively in a dynamic, fast-paced environment.

• For Internal Applicants: Understand the criteria or mandatory skills required for the role, before applying.

• Inform your Manager or HRM before applying for any role on Workday.

• Ensure that your Professional Profile is updated (fields such as Education, Prior experience, Other skills) and it is mandatory to upload your updated resume (Word or PDF format)

• Must not be any corrective action plan (First Formal/Final Formal, PIP)

• Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.

• Level 8+ employees can apply

Desired Skills/Knowledge:

• Applicable Information Security professional certifications (e.g., SANS, AWS Security and Developer based certifications) and tool specific certifications.

• Ability to work independently as well as part of a team.

• Highly analytical, detail-oriented, and strong problem solving with a common-sense approach to resolving problems.

• Expertise to clearly define complex issues despite incomplete or ambiguous information.

• Strong oral and written communications skills.

• Strong interpersonal and critical thinking skills.

• Strong knowledge in DevOps principals and CI/CD pipelines.

• Experience with Cloud Foundry/Docker is a plus.

• Prior SOC, cyber intelligence, or incident response experience is a plus

Eligibility Criteria

Bachelor’s degree with 4+ years of Information Security or Intelligence experience; OR in lieu of degree, 6+ years of Information Security or Intelligence experience.

Work Timings: 03:00PM to 12:00AM IST

For Internal Applicants:

• Understand the criteria or mandatory skills required for the role, before applying

• Inform your manager and HRM before applying for any role on Workday

• Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)

• Must not be any corrective action plan (First Formal/Final Formal, PIP)

• Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible

• L08+ Employees can apply

Grade/Level: 10

Job Family Group: