VP, Cyber Intelligence Leader

Role Summary

Role Summary/Purpose The Cyber Intelligence Leader leads Synchrony’s Cyber Threat Intelligence (CTI), Detection Engineering, and Cyber Hunt programs. This role is accountable for translating external and internal threat signals into actionable intelligence, proactive hunts, and measurable detection improvements across the enterprise. The leader partners closely with Synchrony s Joint Security Operations Center (JSOC), Incident Response, Vulnerability Management, and infrastructure/application teams to reduce adversary dwell time and strengthen Synchrony’s cyber defenses.

The ideal candidate will possess financial sector cyber intelligence and overall Information Security expertise.

• Define intelligence requirements and collection plans focused on threats relevant to financial services and Synchrony’s environment.
• Produce strategic, operational, and tactical intelligence (executive reporting, actor/campaign tracking, TTP and IOC packages).
• Translate intelligence into detection content, hunt hypotheses, response playbooks, and prioritized mitigations.
• Lead hypothesis-driven hunts mapped to MITRE ATT&CK, focused on high-risk scenarios and validated by available telemetry.
• Coordinate hunts across endpoint, network, cloud, identity, and edge/WAF; document repeatable hunt playbooks.
• Escalate validated suspicious activity to Incident Response and support containment/remediation as needed.
• Convert hunt findings into durable improvements: detections, data onboarding/enrichment, and control remediation.
• Lead a detection engineering function responsible for building and maintaining detection content and analytics across the enterprise.
• Develop detection standards (naming, severity, testing criteria, evidence requirements, runbooks) and a structured tuning process.
• Ensure detections are threat-informed (ATT&CK-mapped), measurable, and aligned to JSOC workflow and triage capacity.
• Drive detection validation through purple-team/attack simulation outcomes and real incident lessons learned.
• Partner with SOC to improve alert fidelity, reduce noise, and ensure clear escalation criteria and responder guidance.
• Maintain a detection backlog and release cadence; ensure change control and documentation for auditability.
• Perform other duties and/or special projects as assigned.

Essential Responsibilities

• Define intelligence requirements and collection plans focused on threats relevant to financial services and Synchrony’s environment.
• Produce strategic, operational, and tactical intelligence (executive reporting, actor/campaign tracking, TTP and IOC packages).
• Translate intelligence into detection content, hunt hypotheses, response playbooks, and prioritized mitigations.
• Manage the intelligence lifecycle (collection → analysis → production → dissemination → feedback).
• Lead hypothesis-driven hunts mapped to MITRE ATT&CK, focused on high-risk scenarios and validated by available telemetry.
• Coordinate hunts across endpoint, network, cloud, identity, and edge/WAF; document repeatable hunt playbooks.
• Escalate validated suspicious activity to Incident Response and support containment/remediation as needed.
• Convert hunt findings into durable improvements: detections, data onboarding/enrichment, and control remediation.
• Lead a detection engineering function responsible for building and maintaining detection content and analytics across the enterprise.
• Develop detection standards (naming, severity, testing criteria, evidence requirements, runbooks) and a structured tuning process.
• Ensure detections are threat-informed (ATT&CK-mapped), measurable, and aligned to JSOC workflow and triage capacity.
• Drive detection validation through purple-team/attack simulation outcomes and real incident lessons learned.
• Partner with SOC to improve alert fidelity, reduce noise, and ensure clear escalation criteria and responder guidance.
• Maintain a detection backlog and release cadence; ensure change control and documentation for auditability.
• Perform other duties and/or special projects as assigned.

Qualifications/Requirements

• Bachelor’s degree in computer science or an equivalent degree and a minimum 5…