remote
AVP, Security Engineering Controls Program Analyst - Synchrony
Software Engineer
Lead security engineering controls, driving risk assessment, compliance, and vulnerability management across enterprise systems to safeguard data and ensure regulatory adherence.
About the role
Key Responsibilities
- Design, implement, and maintain security controls across the organization’s technology stack.
- Conduct risk assessments and vulnerability analyses to identify and mitigate security gaps.
- Lead compliance audits and coordinate remediation efforts with cross‑functional teams.
- Develop and enforce security policies, standards, and procedures aligned with industry best practices.
- Provide executive reporting on control effectiveness, risk posture, and remediation status.
Requirements
- 10+ years of experience in security engineering, controls, or risk management.
- Deep knowledge of security frameworks (NIST, ISO 27001, CIS Controls) and regulatory requirements (PCI‑DSS, SOX, GDPR).
- Proven track record of leading large‑scale security initiatives and audit engagements.
- Strong analytical, communication, and stakeholder management skills.
- Relevant certifications (CISSP, CISM, CRISC) preferred.
Skills
servicenowjiraconfluence