|February 15, 2024
The Cloud Detection and Response Strategist (Microsoft Azure) is an integral part of the Synchrony Cyber Operations strategy team. This position is an expert resource responsible for advising Cyber Operations on its multi-year public cloud services provider (CSP) detection and response strategies, and for leading oversight of the strategies' implementation and effectiveness. The ideal candidate will possess deep knowledge of security operations in Microsoft Azure coupled with a willingness to mentor and impart their knowledge on partners and junior staff. The selectee will collaborate on a daily basis with the Cyber Operations' Joint Security Operations Center (JSOC) and its Cyber Detection and Security Automation teams as well as partners in Information Security Cloud IAM and Cloud Architecture, and Technology's Public Cloud Engineering.
- Responsible for design and continuous-improvement of Microsoft Azure cyber detection and response strategies and capabilities.
- Oversight of effective implementation of Microsoft Azure strategies and capabilities across Cyber Operations organizations; specifically JSOC, Cyber Detection and Security Automation.
- Advise Information Security Engineering and Technology on security technology stack required to enable and enhance Microsoft Azure cyber detection and response
- Assist JSOC with complex investigations or incident response occurring in Microsoft Azure.
- Review and provide expert adjustments to all existing and new Cyber Operations procedures related to Azure detection and response activities.
- Serve as Cyber Operations subject matter expert for audit, risk, and regulator requests related to Microsoft Azure detection and response strategies, capabilities, and procedures.
- Interface with industry peers to acquire and share Azure cloud detection and response best-practices.
- Minimum seven years of cyber security experience with at least five years focused on Cloud Detection, Cloud Incident Response, Cloud Response Automation, or Cloud Security Architecture/IAM
- In-depth attack surface knowledge of Azure
- Bachelor's degree in computer science or a related discipline, or equivalent work experience in information systems or intelligence required, advanced degree preferred.
- One or more relevant security certifications (GCIH, GCIA, GCFE, GCFA, SANS, Microsoft Certified Security Operations Analyst Associate, or comparable)
- Experience conducting detection and response in Amazon AWS and Google Cloud Platform
- Proficiency in using python or other similar scripting language to interact with APIs or manipulate large datasets for analysis
- Experience with Agile Project Management and its principles
- Experience with Security Orchestration Automation and Response (SOAR) platforms
- Experience and familiarity with analytic standards and tradecraft
- Experience in the financial services sector
- Strong oral and written communications skills
- Strong analytical & critical thinking capabilities
- Expertise to clearly define complex issues despite incomplete or ambiguous information