Job Description:
**Role Summary/Purpose:**
The AVP, Security Risk Analyst will execute the work of the Synchrony (SYF) Application Security - Technology, Risk and Analytics Team. This individual will leverage knowledge of security policies, standards, and industry best practices as the key point of contact for documenting deviations from security standards. The AVP, Security Risk Analyst will contribute towards process improvements including assessment of vulnerability risk, enhancement of metrics, development of documentation, and identifying opportunities for streamlining and automation. This position will also be responsible for executing the strategic direction set by the VP of Application Security - Technology, Risk and Analytics.
We're proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.
**Essential Responsibilities:**
The Application Security - Technology, Risk and Analytics Team coordinates across all elements of the IT organization at all levels, including senior executives. This role requires experience in information security, risk management, and vulnerability management. Responsibilities include:
+ Evaluate and process exceptions to information security policies and standards related to vulnerability management
+ Perform analysis to evaluate risk associated with exceptions to standards
+ Assist in presenting exception risk metrics and vulnerabilities identified through the security exception process to technology leadership
+ Provide effective prioritization and tracking of exception request queue
+ Maintain cooperative relationship with infrastructure, application, database, network, and desktop/laptop teams to drive remediation
+ Analyze vulnerability data and assist with the prioritization and remediation of the identified vulnerabilities commensurate to risk and the vulnerability management standard
+ Understand vulnerabilities, their impacts, mitigation techniques, and document and articulate this understanding to various stakeholders
+ Update and develop security standards and templates as required to meet new regulatory/audit/etc. requirements
+ Leverage and enhance existing Application Security frameworks/policies/standards to ensure Synchrony Application Security maintains a minimum of industry best practices commiserate with organization's risk profile while also ensuring compliance with industry standards (e.g., PCI DSS)
+ Coordinate collection of data and documentation in support of examinations/audits
+ Work with existing solution vendors (e.g., Qualys, Fortify, and Sonatype) as necessary; identify potential solutions
+ Perform other duties and/or special projects as assigned.
**Qualifications/Requirements:**
+ Bachelor's degree and a minimum 2 years of work experience in IT OR in in lieu of a degree, a High School Diploma/GED and minimum 3 years work experience
+ Minimum of 2 years of experience in risk or vulnerability management
+ Minimum of 2 years of experience in documenting information security risk
**Desired Characteristics:**
+ Industry certifications such as CISSP, CISA, CRISC are a plus
+ Financial services industry experience
+ Deep knowledge of and experience in vulnerability management, risk management, information security
+ Excellent written and oral communication skills, to include ability to present to a non-technical audience
+ Excellent problem-solving skills, to include demonstrated experience in and ability to analyze, understand, and resolve technical and non-technical issues and pursue the most relevant course of action
+ Self-starter with ability to work with minimal guidance/direction
+ Awareness of the latest cybersecurity trends and developments
**Grade/Level: 10**
The salary range for this position is **95,000.00 - 160,000.00** USD Annual and is eligible for an annual bonus based on individual and company performance.
Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.
Salaries are adjusted according to market in CA, NY Metro and Seattle.
**Eligibility Requirements:**
+ You must be 18 years or older
+ You must have a high school diploma or equivalent
+ You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
+ You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
+ New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months' time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance expectations).
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
**Our Commitment:**
When you join us, you'll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard-but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we're building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+ (https://www.synchronycareers.com/our-culture/#diversity) , with more than 60% of our workforce engaged, you'll find community to connect with an opportunity to go beyond your passions.
This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.
**Reasonable Accommodation Notice:**
+ Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
+ If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am - 5pm Monday to Friday, Central Standard Time
**Job Family Group:**
Information Technology
While all employers are vetted to meet the Maricopa Guidelines, the job postings are not individually reviewed. Students should be diligent in ensuring they are applying for positions that meet their needs and are not in violation of the Maricopa guidelines.