Vp, Secdevops Senior Developer

Role Summary/Purpose:

We are seeking a VP, SecDevOps Senior Developer (Senior Cyber Security Detection Engineer) with robust and varied threat detection and threat intelligence experience.

As a key member of the SecDevOps-Detection team, the individual will provide senior-advisement on design, implementation, and optimization of detection mechanisms and in advising and participating in development of the overall threat detection strategy. The individual’s expertise in threat detection and prevention should be borne of a deep understanding of the threat landscape and adversary behavior, allowing them to identify and protect against the most concerning of cyber threats. Join us if you are passionate about staying ahead of the cybersecurity curve, are an inquisitive critical thinking, and thrive in a dynamic, collaborative environment.

You’re the one we’re looking for if you:

· Develop, implement, and verify baseline and advanced detection strategies for a wide variety of enterprise tec

Role Summary/Purpose:

We are seeking a VP, SecDevOps Senior Developer (Senior Cyber Security Detection Engineer) with robust and varied threat detection and threat intelligence experience.

As a key member of the SecDevOps-Detection team, the individual will provide senior-advisement on design, implementation, and optimization of detection mechanisms and in advising and participating in development of the overall threat detection strategy. The individual’s expertise in threat detection and prevention should be borne of a deep understanding of the threat landscape and adversary behavior, allowing them to identify and protect against the most concerning of cyber threats. Join us if you are passionate about staying ahead of the cybersecurity curve, are an inquisitive critical thinking, and thrive in a dynamic, collaborative environment.

You’re the one we’re looking for if you:

· Develop, implement, and verify baseline and advanced detection strategies for a wide variety of enterprise technologies including but not limited to SIEM, UEBA, EDR, WAF, IDS and IPS.

· Experience and comfort with detection strategies and implementations in multiple OS (Windows, MacOS, Linux) and with cloud-based architectures (Amazon Web Services and Microsoft Azure).

· Familiarity with development and implementation of use cases underlying complex capabilities such as UEBA and other behavioral-risk based detection tools.

· Leadership experience with a demonstrated ability to leverage technical domain knowledge to teach, mentor, and develop more junior team members and provide day-to-day managerial support fostering high-morale.

· Collaborate and lead cross-functional initiatives. Communicate complex and nuanced topics in an accessible manner throughout the company (departments and geos).

· Regularly arbitrate technical discussions and make challenging calls.

· Demonstrated proficiency in recognizing emerging cyber intelligence, rigorously testing identified Tactics, Techniques, and Procedures (TTPs) in a security-lab environment and crafting custom detection content against identified gaps.

· Vision to aid in prioritization and curation of a detection content backlog using Agile principles. The backlog should ensure the highest-priority material receives resourcing and is executed upon.

· Assist in ideation, creation, and implementation of security automation use cases via use of a security orchestration automation and response (SOAR) platform

· Administer test bed(s), and test and validate functionality of security tools as well as rules/signatures, alerting logic and automations.

· Identify potential conflicts with implementation of any cyber defense tools (e.g., tool and signature testing and optimization) and conducting tuning to reduce unnecessarily voluminous alerts and false positives.

Required Skills/Knowledge:

· Bachelor’s degree with a minimum of 10 years of experience including 5 years of Information Security or Intelligence experience or in lieu of Bachelor’s degree, 12 years of experience including 7-8 years of Information Security or Intelligence experience

· Past Experience as a manager of people

· Demonstrated competence with Splunk programming language (SPL) and with creation of custom detection signatures used in modern NGAV/EDR and IDS/IPS systems

· Past experience in a threat intelligence, threat hunt, or red team capacity in which use of threat intelligence and attack-focused frameworks was utilized

· Able to communicate complex information, concepts, or ideas in a confident and well- organized manner through verbal, written, and/or visual means.

· Able to function effectively in a dynamic, fast-paced environment.

Desired Characteristics:

· Applicable Information Security professional certifications (e.g., SANS, ISC2) and tool specific certifications

· Agile and code development Experience

· Experience implementing security tools or designing security architecture

· Understanding of data models and machine learning as applicable to security detection and behavior analytics

Work Timings:

This role qualifies for Enhanced Flexibility and Choice offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time – 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs