VP, Cyber Intelligence Leader

Synchrony

Cyber Intelligence Leader at Synchrony driving Cyber Threat Intelligence and Detection Engineering programs. Partnering with security operations to enhance cyber defenses and actionable intelligence for threats.

Posted 4/24/2026full-timeStamford • Connecticut, Florida, Illinois • 🇺🇸 United StatesSenior💰 $170,000 - $290,000 per yearWebsite

Tech Stack

Tools & technologies

CloudCyber Security

About the role

Key responsibilities & impact

leads Synchrony’s Cyber Threat Intelligence (CTI), Detection Engineering, and Cyber Hunt programs
accountable for translating external and internal threat signals into actionable intelligence, proactive hunts, and measurable detection improvements across the enterprise
partners closely with Synchrony's Joint Security Operations Center (JSOC), Incident Response, Vulnerability Management, and infrastructure/application teams to reduce adversary dwell time and strengthen Synchrony’s cyber defenses
define intelligence requirements and collection plans focused on threats relevant to financial services and Synchrony’s environment
produce strategic, operational, and tactical intelligence (executive reporting, actor/campaign tracking, TTP and IOC packages)
translate intelligence into detection content, hunt hypotheses, response playbooks, and prioritized mitigations
manage the intelligence lifecycle (collection → analysis → production → dissemination → feedback)
lead hypothesis-driven hunts mapped to MITRE ATT&CK, focused on high-risk scenarios and validated by available telemetry
coordinate hunts across endpoint, network, cloud, identity, and edge/WAF; document repeatable hunt playbooks
escalate validated suspicious activity to Incident Response and support containment/remediation as needed
convert hunt findings into durable improvements: detections, data onboarding/enrichment, and control remediation
lead a detection engineering function responsible for building and maintaining detection content and analytics across the enterprise
develop detection standards (naming, severity, testing criteria, evidence requirements, runbooks) and a structured tuning process
ensure detections are threat-informed (ATT&CK-mapped), measurable, and aligned to JSOC workflow and triage capacity
drive detection validation through purple-team/attack simulation outcomes and real incident lessons learned
partner with SOC to improve alert fidelity, reduce noise, and ensure clear escalation criteria and responder guidance
maintain a detection backlog and release cadence; ensure change control and documentation for auditability
perform other duties and/or special projects as assigned.

Requirements

What you’ll need

Bachelor’s degree in computer science or an equivalent degree
a minimum 5 years of work
8–12+ years of cybersecurity experience with depth in threat intelligence, threat hunting, detection engineering, and/or incident response
3+ years leading teams and/or enterprise programs with measurable outcomes
demonstrated experience building and operationalizing detections within a SIEM/EDR environment and partnering with SOC/IR
strong knowledge of adversary tactics and frameworks (MITRE ATT&CK) and applying them to detection coverage
proficiency working with security telemetry across endpoint, network, cloud, and edge; strong investigative mindset
strong written and verbal communication skills; ability to brief executives and produce clear technical documentation/runbooks
ability and flexibility to travel for business as required
experience establishing a detection engineering lifecycle (standards, testing, tuning, change control, coverage reporting)
detection content engineering expertise; familiarity with data models/normalization and scalable detection design
financial services and/or regulated industry experience; audit-ready documentation and governance mindset
certifications (preferred): GIAC (GCTI/GCIA/GCIH/GNFA), CISSP, CCSP, or similar
strong technical knowledge of scripting languages and data access methodologies
awareness of the latest cyber security trends and developments
US Government Security Clearance, as a plus.

Benefits

Comp & perks

an annual bonus based on individual and company performance
flexibility to work from home or in the office

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

cyber threat intelligencedetection engineeringthreat huntingincident responseSIEMEDRMITRE ATT&CKsecurity telemetrydetection content engineeringdata models

Soft Skills

leadershipcommunicationinvestigative mindsetflexibilityteam collaborationtechnical documentationbriefing executivesproblem-solvinganalytical thinkingproject management

Certifications

GIAC GCTIGIAC GCIAGIAC GCIHGIAC GNFACISSPCCSPUS Government Security Clearance