E2404191-3
Job Description
Role Title: AVP, Insider Risk Investigator (L11)
Company Overview
Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry's most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.
- We have recently been ranked #5 among India's Best Companies to Work for 2023, #21 under LinkedIn Top Companies in India list, and received Top 25 BFSI recognition from Great Place To Work India. We have been ranked Top 5 among India's Best Workplaces in Diversity, Equity, and Inclusion, and Top 10 among India's Best Workplaces for Women in 2022.
- We offer 100% Work from Home flexibility for all our Functional employees and provide some of the best-in-class Employee Benefits and Programs catering to work-life balance and overall well-being. In addition to this, we also have Regional Engagement Hubs across India and a co-working space in Bangalore.
Organizational Overview
Synchrony's Information Security Insider Risk Management program provides a cross-collaborative framework to detect, investigate and remediate insider risks to Synchrony data. The program objective is to drive the strategic direction of data protection and investigate allegations of suspicious internal activity involving Synchrony data egress or abuse. The Insider Risk Management program is comprised of Research, Investigations and Forensics and eDiscovery. This role will be part of the Investigations function and will be responsible for detecting and responding to insider risk use case alerts in coordination with appropriate stakeholders.
Role Summary/Purpose
The AVP, Insider Risk Investigator is responsible for reviewing and responding to potential insider risk incidents. The candidate should have significant data loss prevention and insider risk investigations experience. As a member of the Insider Risk Management team, the individual will work within established operating procedures to respond to insider risk investigations and will work on information security projects supporting Insider Risk business objectives and those of the program's stakeholders. The individual will have knowledge of Insider Risk investigations, reporting, investigative tools, and laws/regulations and work within the program framework, strategy, technology, and program governance standards & procedures.
Key Responsibilities
- Respond to insider risk use case alerts originating from Data Loss Prevention (DLP) platforms or from other sources of identification
- Draft clear and concise alert escalation reports allowing for efficient hand-off from alert review to investigation
- Utilize knowledge of threat privacy principles & vulnerabilities and specific operational impacts of insider lapses in assessing potential insider risk events and incidents.
- Identify opportunities to refine and enhance DLP policies to reduce false positives.
- Aid with documentation of processes related to DLP and investigations as necessary and requested.
- Understand relevant risk management processes and laws, regulations, policies and ethics as they relate to insiders and the accompanying threats
- Provide mentorship to team-members and more junior analysts/investigators
- Identification of system files (e.g., log files, registry files, configuration files) that contain relevant information and where to find those system files as they relate to insider risks and data exfiltration.
- Perform daily insider response operations, with a schedule that may involve nontraditional working hours, and work on small to medium-sized projects as directed by management.
- Assist in designing data protection strategy with all data protection tools in the environment (email gateway, endpoint DLP, network DLP, CASB, etc.).
- Identify gaps in the existing data protection toolset.
- Provide feedback to the Insider Risk Management team and its leaders.
- Perform other duties and/or special projects as assigned.
- Work independently when necessary and be self-directed when appropriate.
- Work with a globally distributed team and rely heavily on electronic communication.
- Work with the business to prioritize sensitive data for protection.
Required Skills/Knowledge
- At least 6 years of relevant insider risk, intelligence, cyber threat, or investigative experience.
- At least 4 years of experience working with data loss prevention tools.
- At least 4 years of experience working in an analyst capacity.
- Experience in responding to audit and regulatory requests.
- Ability to inspire cross functional partners in tech and security.
- Knowledge of insider risk frameworks such as MITRE.
- Previous experience in conducting interviews.
- Demonstrated success in close working collaboration with cyber security, intelligence, HR, and Legal.
- Advanced knowledge of DLP, Email, Endpoint, SIEM/UEBA, and other security tools.
- Expertise in both working in and handling sensitive areas/materials.
- Experience developing and communicating findings to non-technical business areas.
- Experience using analytical skills and an ability to interpret established standards and guidelines to solve problems.
- Ability to innovate, develop, implement, and effectively document complex technical systems and approaches.
- Proficient understanding of possible methods of internal and external data movement.
- Analytical ability, attention to detail, problem solving, consultative skills, and innovation.
Desired Skills/Knowledge
- Experience in digital forensics.
- Experience using Insider Risk Tools (ex. Data Loss Prevention, User Behavior Analytics, etc.).
- Understanding of cyber tactics, technologies, and procedures to counter insider risks.
- Awareness of the latest cyber security trends and developments.
- Knowledge of Incident Response procedures.
- Excellent verbal and written communications.
- Analytical & evaluative thinking.
- Interpersonal and leadership skills.
- The ability to work in a fast-paced environment to include the translation of concepts and issues into messaging easily understood by senior leadership.
- Strong analytical skills/problem solving/conceptual thinking.
- Ability to conduct multi-source investigations in collecting and analyzing qualitative and quantitative data.
- Ability to work independently on initiatives with little oversight.
- Motivated and willing to learn.
- Must be comfortable effectively communicating intelligence to technical and non-technical audiences.
- Leadership skills and qualities which enable you to work with peers and various levels of management.
Eligibility Criteria
Bachelor's degree with a minimum of 6 years of experience, including experience in Information Security or Intelligence, or, in lieu of a Bachelor's degree, 8 years of experience including Information Security or Intelligence.
Work Timings: 03:00 PM to 12:00 AM EST
This role qualifies for Enhanced Flexibility and Choice offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time and 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs. Please discuss this with the hiring manager for more details.
For Internal Applicants
- Understand the criteria or mandatory skills required for the role, before applying.
- Inform your manager and HRM before applying for any role on Workday.
- Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format).
- Must not be on any corrective action plan (First Formal/Final Formal, PIP).
- Only L09+ employees who have completed 18 months in the organization and 12 months in their current role and level are eligible.
- L09+ Employees can apply.
Level/Grade: 11
Job Family Group
Information Technology