
Job Information
Synchrony VP, Third Party Security Leader in STAMFORD, Connecticut
Job Description:
Role Summary/Purpose:
The Third Party Security Leader will oversee the development and implementation of the Information Security strategy for assessing risks of new and existing third parties with which Synchrony Financial does business. The ideal candidate for this role is a leader with strong influencing skills, prior experience managing/driving large cross-functional initiatives, and a collaborative approach to building relationships in a cross-functional team environment. This role also requires the ability to build and implement strategy while operating at times at the tactical level.
This role can be located anywhere in the U.S. (remote or connected to a Synchrony Hub).
Essential Responsibilities:
Lead a team of security specialists and report up through the Chief Information Security Officer
Drive the Third Party Security strategy across Synchrony
Develop standard processes for evaluating third party risk across third parties of varying risk profiles
Partner with and build strong working relationships with Synchrony IT, Supplier Management and business functions to develop an assessment program which meets regulatory, compliance and business needs
Ensure security alignment with the Supplier Risk Management process and provide security decisions and input throughout process
Identify and develop Synchrony Third Party specific security standards
Evaluate and communicate Third Party security risks and solutions to business partners and IT management/staff
Develop metrics; report and track metrics as a key component of the program to ensure processes are working as designed and risks are being tracked.
Evaluate the effectiveness of the procurement function in addressing information security requirements and supply chain risks through procurement activities and recommend improvements.
Participate in the acquisition process as necessary, following appropriate supply chain risk management practices.
Evaluate potential merger and acquisition targets of the company from a risk perspective
Contribute to corporate evaluations of partner and acquisition targets
Contribute to development of the integration checklist for mergers and acquisitions
Lead a team that conducts initial risk assessments of stakeholders and updates the risk assessments on an as-needed basis.
Partner across teams to identify and remediate risk for partners, clients, vendors, suppliers, and acquisitions
Mentor and develop team members
Perform other duties and/or special projects as assigned
Qualifications/Requirements:
Bachelor's Degree and a minimum of 10 years of Technology experience or, in lieu of a Bachelor's Degree, a High School Diploma/GED and a minimum of 12 years of Information Technology experience
Minimum 5 years of experience in Risk Management with strong knowledge of Information Technology practices and standards and regulatory controls
Project Management experience
Desired Characteristics:
Experience working in a regulated business
Working knowledge of key financial regulations such as GLBA, PCI and FDIC
Ability to work independently as well as part of a team
Highly analytical, detail-oriented, and strong at problem solving, with a common-sense approach to resolving problems
Experience working with a large portfolio of 3rd Party Suppliers in a global organization
Experience performing IT Audits or Assessments of 3rd Party Suppliers
Understanding of industry-accepted Information Security and IT governance standards (e.g., COBIT, ITIL, ISO 27000, FISMA, NIST, CSA CCM)
Broad knowledge of auditing standards & IT Compliance requirements
Proven ability to execute across multiple locations and stakeholder groups
Excellent analytical/technical skills
Strong oral communication, business writing, and presentation skills
Eligibility Requirements:
You must be 18 years or older
You must have a high school diploma or equivalent
You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 24 months’ time in position before they can post. All internal employees must have at least a “consistently meets expectations” performance rating and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance requirement).
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Reasonable Accommodation Notice:
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.
The salary range for this position is 100,000.00 - 200,000.00 USD Annual
Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible.
Grade/Level: 13
Job Family Group:
Financial Services Operations