Cybersecurity Engineer advancing security posture with real-time threat monitoring using SIEM tools like Splunk. Managing incident response and vulnerability management lifecycle across networks and applications.
Responsibilities
Owning the security lifecycle and effectiveness across the Core, Edge, and Access networks, as well as all systems and network functions within GN&T.
Advancing our security posture through real-time Threat Monitoring & Detection using SIEM tools like Splunk.
Leading Incident Response efforts during a breach.
Managing the continuous Vulnerability Management lifecycle across networks and applications.
Defining and implementing robust Security Architecture, including firewalls, encryption, centralized Identity and Access Management, and Multi-Factor Authentication (MFA).
Possessing advanced Threat Hunting skills, including Advanced Networking & Protocol Analysis, Endpoint & Memory Forensics, Data Science & Querying, and demonstrable experience in Automation & Scripting to enhance our Cybersecurity tooling.
Identifying technology gaps to lead in the design, architecture, and implementation of appropriate security solutions.
Creating formal guidelines, policies, and procedures to ensure smooth and error-free operations.
Implementing strategic solutions in a highly scalable environment.
Partnering across the Operations, Engineering, and Planning organizations to ensure secure design patterns are embedded into new deployments and major changes.
Working independently on strategic technical challenges.
Identifying opportunities to mentor junior engineers, guide, and delegate technical documentation/tasks to support the team and broader organization.
Communicating clearly and effectively, articulating complex technical concepts to diverse internal and external audiences.
Assisting network security incident response activities including triage, containment, eradication, and recovery for disruptive threats.
Assisting with building and refining incident playbooks and response runbooks, ensuring repeatable workflows for high-impact scenarios (ransomware, phishing, insider threat, DDoS, etc.).
Serving as escalation support for security-related investigations, providing expert-level analysis and guidance during active incidents.
Executing root cause analysis and producing clear incident reports outlining timeline, impact, evidence, and remediation recommendations.
Conducting proactive threat hunting across identity, endpoint, and network telemetry to uncover adversary behavior and reduce dwell time.
Creating and tuning threat detections using SIEM (Security Information and Event Management) to improve alert fidelity and reduce false positives.
Driving continuous improvement of network visibility and telemetry collection to strengthen detection and response capabilities.
Performing regular security control assessments validating configuration effectiveness and closing gaps discovered during incidents or hunts.
Requirements
Bachelor’s degree or four or more years of relevant work experience.
Two or more years of relevant work experience, demonstrated through work experience, military experience, specialized training, or a combination of these.
Familiarity with Identity and Access Management (IAM) solutions.
Strong foundational knowledge of incident response lifecycles (NIST or SANS) with experience designing, testing, and maintaining automation playbooks using SOAR platforms to automate triage and response actions.
Strong ability to write complex, optimized SPL (Splunk Search Language) searches, including macros, data models, and lookups for efficient threat hunting and investigation.
In-depth experience with risk-based alerting, managing notable events, asset/identity correlation, and defining/tuning correlation searches.
Experience in developing, testing, and maintaining automation playbooks using Python/API integrations and Splunk SOAR (Security Orchestration, Automation, and Response) to automate triage and response actions.
Expert in conflict resolution and negotiation to ensure that design, strategy, and decisions consistently support security requirements.
Benefits
health and wellness benefit options including: medical, dental, vision, short- and long-term disability, basic life insurance, supplemental life insurance, AD&D insurance, identity theft protection, pet insurance and group home & auto insurance.
matched 401(k) savings plan
up to 8 company paid holidays per year
up to 6 personal days per year
paid parental leave
adoption assistance
tuition assistance
premium pay such as overtime, shift differential, holiday pay, allowances