VP, Operational Risk - Information Security (L13)

Stamford, CT, United States

Job ID: 1800001731

Role Summary/Purpose:

This role has direct oversight responsibility of information risk management within Synchrony. This includes the independent assessment of information risks related to people, processes, and technologies.  It also includes evaluation of the related control environment for its effectiveness in reducing risks to safeguard the confidentiality, integrity or availability of Synchrony information. This position reports into the SVP Operational Risk Oversight Leader.

Essential Responsibilities:

  • Manage the ORM Information Security Oversight team in monitoring and assessing information risks consistent with the Company’s risk appetite statement
  • Apply a ‘risk based’ approach to evaluate the current Synchrony cyber & information security program, including but not limited to risks in protecting, detecting, responding and recovering from cyber security events
  • Establish a multi-year information risk oversight strategy to develop a risk taxonomy and related aggregate risk profile that supports a consistent understanding of risks with Synchrony
  • Develop and prioritize a risk-based oversight plan in coordination with other Risk Management pillars, as well as Internal Audit
  • Evaluate the implementation of advanced security technology to address Synchrony’s threat environment while considering the likelihood, and business impact of any potential vulnerability
  • Directly engage with information risk controllers within business to evaluate strategies, processes and controls for managing risks
  • Provide independent insights on Synchrony information security control framework, including but not limited to, its formal policies, standards, and procedures
  • Deploy expert 3rd party resources to periodically test and evaluate Synchrony’s logical and physical controls by performing penetration tests against various threat vectors
  • Provide regular independent reporting to management, regulators and governance committees on the levels of information risk within Synchrony and the effectiveness of the information security program
  • Perform other duties and/or special projects as assigned

Qualifications/Requirements:

  • Bachelor's Degree in a related field (e.g. Information Technology, Computer Science or Engineering) and 6+ years of relevant experience (including military) in Information Security, Information Security Audit or Information Security Risk Management roles)
  • In lieu of a bachelor's degree, 10 years of relevant experience (including military) in Information Security, Information Security Audit or Information Security Risk Management roles)
  • Minimum 10 years formal Information Technology experience (i.e., network, architecture, software development, application management, information security, etc.) including minimum 2 years of relevant Information Security experience

Desired Characteristics:

  • Strong knowledge of network, web, and mobile security
  • Understanding of legal, regulatory and industry best practices applicable to information risk
  • Experience in developing and presenting strategies, recommendations and independent assessments to senior leadership teams
  • Proficient in Microsoft applications, including Excel, PowerPoint and Word
  • Industry recognized certifications such as CISSP, CISA, CISM, CSIRT
  • Familiarity with consumer lending products and practices
  • Strong influencing skills and ability to drive initiatives to completion within the agreed upon time frame
  • Results-driven with ability to manage a diverse team and multiple complex assignments
  • Excellent written and verbal communication skills with ability to foster a collaborative working relationship with functional process owners and Internal Audit
  • Well-developed analytical and problem-solving skills

Grade/Level: 13

Mission

We’re passionate about connecting highly skilled women with leading companies commited to diversity and inclusion

Are you looking for your dream job? In Office. Flexible. Remote.

Join our Movement

Are you hiring? Join our platform for diversifying your team

Post a job