VP, Operational Risk - Information Security & Resiliency

Synchrony Financial

Stamford, CT 06925

Posted 10 months ago

  • Job Type(s)

    Full Time
  • Industry

    Technology
  • Work Schedule

    Monday to Friday
  • Job Description

    Role Summary/Purpose:

    This role is responsible for executing the Operational Risk Oversight of Information Security and Organizational Resiliency across Synchrony. The candidate will perform oversight of Information Security and Business Continuity risks within Technology, Operations, and Third-Party relationships. They will independently identify, assess, monitor, and report on risk management practices. This position reports to the VP, Operational Risk IS & Resilience Oversight Leader.

    We're proud to offer you choice and flexibility. You have the option to be remote and work from home, or come into one of our offices. You may occasionally be requested to commute to our nearest office for in-person engagement activities such as team meetings, training and culture events.

    Essential Responsibilities (defined by the above scope):

    • Coordinate with cross-functional risk teams to develop ongoing monitoring and risk testing for information security and organizational resilience.

    • Review and challenge the control environment within Information Security (e.g., Data Protection and Identity & Access Management).

    • Monitor Disaster Recovery & Business Continuity (BC/DR) capabilities and exercises. Provide a 2LoD independent opinion on identified Risks. Measure and report on overall technology resilience.

    • Plan, manage, and coordinate vendors onboarded for outsourced risk assurance engagements.

    • Provide oversight of the third-party assessment process. Monitor, investigate, and report on any operational risk incidents within the Synchrony supplier base.

    • Work in partnership with Information Security and Resilience to develop and implement the required controls to support Public Cloud Migration requirements.

    • Maintain the second line of defense Information Risk Oversight Framework (IROF) to plan, track and report on risks and related control effectiveness

    • Monitor Information Risks and associated Risk Appetite thresholds and report relevant findings to required governing committees/sub-committees.

    • Provide effective challenge during functional risk assessments, due diligence efforts, strategy implementations, and significant change events.

    • Review, assess and document gaps in the Synchrony 1LoD operational program maturity and related control environments.

    • Assess Risk using Synchrony standards, industry best practices and industry frameworks.

    • Perform other duties and/or special projects as assigned

    Qualifications/Requirements:

    • Minimum of 5 years of hands-on technical Information Technology experience (i.e., network, architecture, software development, application management, information security, etc.), plus an additional 5 years of formal Information Security experience.

    • Two years of experience working in or directly supporting Public Cloud Adoption (AWS, Google, or Azure) with a clear understanding of the differences between IaaS, PaaS, and SaaS.

    Desired Characteristics:

    • Bachelor's Degree in a STEM related field (e.g., Information Technology, Computer Science or Engineering)

    • Two years of Risk Management experience in Financial Services.

    • Two years of project management experience

    • Two years of experience working in Technology Business Continuity and Disaster Recovery (BC/DR)

    • Industry recognized certifications such as:

      • Information Security / Risk Management: CISSP, CISA, CISM, CSIRT, or CRISC

      • Cloud Technology: Cloud CCSK, AWS Solutions Architect Associate, Microsoft Azure Fundamentals, or Google Associate Cloud Engineer

    • Results-driven mindset with the ability to work within or manage a matrixed project team with multiple complex components.

    Grade/Level: 12

    The salary range for this position is 110,000.00 - 185,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

    Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

    Salaries are adjusted according to market in CA, NY Metro and Seattle.

    Eligibility Requirements:

    • You must be 18 years or older

    • You must have a high school diploma or equivalent

    • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

    • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

    • New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance expectations).

    Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

    Our Commitment:

    When you join us, you'll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives are what make Synchrony truly a great place to work. Together, we're building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+, with more than 60% of our workforce engaged, you'll find community to connect with an opportunity to go beyond your passions.

    This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

    Reasonable Accommodation Notice:

    • Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

    • If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am to 5pm Monday to Friday, Central Standard Time.

    Job Family Group:

    Risk Management




  • Candidate Profile

    Qualification High School