Key skills
Risk ManagementCommunication
About this role
Role Overview
- Oversee and execute end to end control assurance activities for all sub functions within Information Security
- Formalize, Pilot and execute first line of defence (1LOD) assessments for Information Security to proactively identify risks to the business
- Lead the client assessments program by liaising with internal client partners to ensure Synchrony is meeting client expectations for Information Security Assessments and Audits
- Collaborate with Sourcing and Legal teams to review third-party supplier contracts, ensuring contractual terms align with the defined scope of services and comply with applicable regulatory requirements and governance frameworks
- Support execution of FedLine and other assessments by working with internal SMEs, Second and Third Line of defense teams
- Support renewal of Cyber Insurance for the organization by working with insurance brokers and key internal stakeholders
- Develop Synchrony Financial Security Assurance specific security standards and procedures
- Perform other duties and/or special projects as assigned.
Requirements
- Bachelor’s degree in Computer Engineering or related field, with a minimum of 10+ years of experience in Information Security OR in lieu of the Bachelor's degree, a minimum of 12+ years of experience in Information Security
- 8+ years of progressive experience in information security, technology risk, security controls assurance, or audit, including 5+ years leading teams
- Good understanding of IS Risk Management Concepts
- Strong working knowledge of IT related US Banking regulations & industry best practices (NIST, PCI DSS, HIPAA, CRI etc.)
- Demonstrated experience designing and executing control testing/assurance programs across multiple security domains
- Exposure to working with external attack surface monitoring tools to partner with internal stakeholders to remediate external risk exposure to the organization
- Proven ability to influence and partner across Information Security, Technology, Risk, Compliance, and Audit functions
- Excellent executive communication skills—able to synthesize complex findings into clear, actionable insights
- Excellent interpersonal skills with ability to influence team members, management & external groups
- Self-motivated & able to work independently or in a team environment & work with virtual teams
Benefits
- best-in-class employee benefits and programs that cater to work-life integration and overall well-being
- career advancement and upskilling opportunities