Job Description:

Role Summary/Purpose:

The VP, Privileged Access Lead Engineer will lead engineering efforts for initiatives in Synchrony’s Privileged Access Program within the Identity & Access Management team. This role will partner closely with the Technology Engineering, Cyber Operations, and Privileged Technologies teams in designing and building automated solutions to log, monitor, and action activity in the purview of highly privileged access, across a variety of self-hosted and cloud environments. This role will also drive process engineering in identifying opportunities for automation, improvement of existing automations, and overseeing implementation. This role must have strong communication and collaboration skills to work with cross-functional teams and stakeholders to ensure the delivery of quality solutions while enforcing adherence to Synchrony’s Information Security policies and regulatory obligations.

We’re proud to offer you choice and flexibility. You have the option to be remote, and work from home, or come into one of our offices. You may be occasionally requested to commute to our nearest office for in person engagement activities such as team meetings, training and culture events.

Essential Responsibilities:

• Design, configure, build, and Implement IAM monitoring and compliance solutions

• Design use cases to detect high risk access changes, activity and configurations across multiple platform log sources, including Splunk, Active Directory, Windows, Unix, SailPoint and Application Audit Logs

• Develop best practices for detecting compliance issues and threats

• Provide strategy and advisement, designs, integrations and automation for cloud environments (AWS, Azure, Google Cloud)

• Identify gaps or potential enhancements in existing IAM processes and ideate solutions to address them

• Develop automation to ensure controls are operating effectively, leveraging readily available COTS solutions and custom-built mechanisms

• Serve as a key technical resource for all IAM efforts, projects, and applications with an understanding of Privileged Access Management concepts and the auditing of IAM compliance.

• Develop documentation that fully captures technical IAM baselines and operational capabilities

• Proactively identify technical and procedural areas of concern and propose pragmatic solutions

• Support efforts to demonstrate progress in program maturity by developing dashboards and mechanisms that report on key metrics and KPIs

• Perform other duties and/or special projects as assigned

Qualifications/Requirements:

• BS/BA in Computer Science / other technical degree or Business Management and 8 years of IT experience or in lieu of degree High School Diploma/GED and 10 years of IT experience.

• Minimum of 5 years of experience leading the engineering, delivery, and support of technology solutions for medium to large enterprises

• Minimum 5 years of experience with modern identity and access management concepts and best practices, such as privileged user accounts, least-privileged access model, segregation of duties, OS-level security logs, app-level security logs, Database level security logs.

• Minimum of 2 years of experience working with agile methodologies as a Product Owner and/or Tech Lead on a product team

Desired Characteristics:

• Experience working in a financially regulated environment

• Advanced working knowledge of the software development lifecycle (SDLC)

• Knowledge of cybersecurity regulatory frameworks such as NIST, ISO, SOC2, and GDPR

• Demonstrated knowledge of modern identity and access management concepts and best practices, such as privileged user accounts, least-privileged access model, segregation of duties, OS-level security logs, app-level security logs, Database level security logs.

• Demonstrated knowledge of Privileged Access Security solutions and Identity Platform solutions

• Deep understanding of identity access management tools integrations (preferably SailPoint & BeyondTrust)

• Conceptual understanding of microservices, APIs, app-to-app interaction, and non-human identities in the context of IAM

• Experience with:

  • Identity and Access Management technologies (SailPoint)

  • SIEM Logs (Splunk)

  • Active Directory

  • Windows Server

  • Unix/Linux

  • Cloud Identity and Access Management

  • User access authorization concepts

  • Privileged Access Management

  • Multi Factor Authentication

  • Single Sign On (Okta)

  • Cloud Security and User Administration

  • Cloud Security Policies and Procedures

• Experience constructing Splunk friendly regex expressions and optimizing Splunk search queries with optimal performance

• A minimum of 5 years hands-on experience with Python or comparable equivalent (PowerShell, GoLang)

• Ability to author new and troubleshoot existing code

Grade/Level: 12

The salary range for this position is 100,000.00 - 200,000.00 USD Annual

Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible.

Eligibility Requirements:

• You must be 18 years or older

• You must have a high school diploma or equivalent

• You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

• You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

• New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 24 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Our Commitment:

When you join us, you’ll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard—but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we’re building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+, with more than 60% of our workforce engaged, you’ll find community to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

• Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

• If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time

Job Family Group: