Job Description

:Role Title: AVP, InfoSec Engineer - Cloud Security (L10)Company Overview:COMPANY OVERVIEW: Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry\xe2\x80\x99s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.We have recently been ranked #5 among India\xe2\x80\x99s Best Companies to Work for 2023, #21 under LinkedIn Top Companies in India list, and received Top 25 BFSI recognition from Great Place To Work India. We have been ranked Top 5 among India\xe2\x80\x99s Best Workplaces in Diversity, Equity, and Inclusion, and Top 10 among India\xe2\x80\x99s Best Workplaces for Women in 2022.We offer 100% Work from Home flexibility for all our Functional employees and provide some of the best-in-class Employee Benefits and Programs catering to work-life balance and overall well-being. In addition to this, we also have Regional Engagement Hubs across India and a co-working space in Bangalore.Organizational Overview:Synchrony Information Security Architecture organization is focused on enabling security of business products, services, technology platforms and solutions by using principles of Secure by Design, early engagement and risk-based approach. Information Security organization plays a crucial role in safeguarding information assets by delivering security architecture and design outcomes while working with cross functional teams, addressing risk and ensuring compliance with applicable requirements.Role Summary/Purpose:The Cloud Security Engineer will be a key role in safeguarding the organizations systems, networks, and data in the cloud. The position is responsible for documenting and enforcing cloud security hardening standards. In addition, this role will be responsible for monitoring and remediating cloud alerts, communicating security requirements to cloud platform users, and participating in Cloud Security team meetings.Key Responsibilities:Monitor cloud platform compliance via Cloud Security Posture Management tools Enforce cloud security hardening requirements across cloud environment via alert remediationContinuously evaluate and improve cloud security team processes to bolster efficiency and reduce manual workEffectively communicate importance of cloud security to application teamsDocument and maintain metrics certifying cloud security posture Plays a key role in identifying misconfigurations of policy or alerts which safeguard the organization\xe2\x80\x99s platforms and systemsAdopting and promoting engineering excellence by identifying efficiencies and synergies through means of collaboration and automationIdentifies problems and clearly articulates solutions and recommendationsCollaborates with architecture to identify capability gaps, develop requirements, identify solutions to address, assist with proof of concepts and testing of solutionsPartners with peers within the organization to effectively prioritize work by using agile processes and ensuring risks, impediments, and asks are brought to leadership in a timely fashionManaging technology from ground up and understanding gaps within the tech stack, including overlap with other technology and/or coverage, capability gapsMaintaining technology from a business as usual (BAU) aspect by ensuring the proper change management, incident management, disaster recover processes are occurring and currentProviding day to day operations support for technology and processes, ensuring superior customer service is being met, and identifying process improvementsServing as a mentor or a subject-matter expert (SME) to other InfoSec team members and/or stakeholders throughout the organizationPerform other duties and/or special projects as assignedRequired Skills/Knowledge:Bachelor\'s degree in Information Security, Computer Science, or a related field with minimum of 4+ years of practical experience in information security, or in lieu of a degree 6+ years of practical experience in information security.In-depth knowledge of information security principles, standards, and best practices.Strong analytical and problem-solving skills paired with strong written and verbal communication skills to articulate complex security concepts to both technical and non-technical audiences.Experience working collaboratively with cross-functional teams and business units.Desired Skills/Knowledge:Engineering and/or architecture experienceCyber Security experience, especially around designing, building and management solutionsUnderstanding of information security practices and policies, including risks and threatsGood understanding of security landscape as a wholeExperience working in AWS with services such as GuardDuty, Cloudtrail, Lambda, Cloudformation, IAM, Config, etc Familiarity with Microsoft Azure cloudExperience handling and responding to cloud alertsKnowledge of SIEM tools such as Splunk Understanding of compliance requirements and tools for the public cloud Creativity and individual thinking, and the ability to work both with a team and unsupervisedStrong and efficient problem-solving and analytical skills, willingness to learn Understanding of public cloud platforms from an infrastructure and development aspectAbility to work under pressure and sustain productivity with multiple simultaneous projects Familiarity with problem and incident management, change management, notifications, and basic operational understanding of running and maintaining infrastructure Good teamwork, oral and written communicationEligibility Criteria:Bachelor\'s degree in Information Security, Computer Science, or a related field with minimum of 4 years of practical experience in information security, or in lieu of a degree 6+ years of practical experience in information security.Work Timings: This role qualifies for Enhanced Flexibility and Choice offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time \xe2\x80\x93 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs.For Internal Applicants:Understand the criteria or mandatory skills required for the role, before applyingInform your manager and HRM before applying for any role on WorkdayEnsure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)Must not be any corrective action plan (First Formal/Final Formal, PIP)L8+ Employees who have completed 18 months in the organization and 12 months in current role and level are only eligible.L08+ Employees can applyGrade/Level: 10Job Family Group: Information Technology

Synchrony