Synchrony VP, Senior Security / Senior Pen Tester in Kettering, Ohio
Perform application and network cybersecurity assessments on Synchrony’s application and network environment to identify cyber security gaps or improvement opportunities. Develop policies, standards, and procedures to maintain/improve area of responsibility. This role will also be responsible for tracking identified risks and monitoring remediation status to closure.
The Attack and Penetration Testing Team coordinates across all elements of the IT organization at all levels, including senior executives. This role requires experience in penetration testing principles, tools, and techniques; the candidate will be viewed as (and must be) a subject-matter expert. Responsibilities include:
Drive efficiency and effectiveness improvements in the Application Security program. Providing vision, leadership and strategic guidance that aligns with the organization’s vision and strategy.
Lead and execute application security penetration tests; defining scope, coordinating attacks, executing tests and reporting findings, following an established methodology in accordance with defined processes.
Conduct adversary simulation to determine if flaws and exposures can be exploited by unfriendly forces.
Research, develop, implement, test and document tools, techniques and tactics used by adversaries to compromise and maintain control of information assets.
Analyze impact of zero-day threats to determine real vs. theoretical risk impact to Synchrony’s data.
Partner with and build strong working relationships with IS, IT and business functions to develop an assessment program that meets regulatory, compliance and business needs.
Identify and assess specific emergency or priority vulnerabilities, guided by input from other elements of the firm such as cyber intelligence, and suggest specific remediation approaches.
Support Application Security Management leadership to coordinate SYF Attack and Penetration testing activities and to provide program status updates to executive leadership.
Develop and continuously improve metrics capabilities that convey performance of SYF Application Security program and risk to SYF.
Document findings and create detailed reports for constituents (including executive leadership) both in written and verbal formats.
Actively mentor developers on secure coding practices.
Perform other duties and/or special projects as assigned
Bachelor’s degree and a minimum 5 years of work experience in IT or in lieu of a degree, a High School Diploma/GED and minimum 9 years work experience
Minimum of 5 years of experience in information security or related technology experience.
Minimum 4 years of experience leading threat simulation or penetration testing engagements in an enterprise environment.
Minimum of 4 years of experience conducting or reviewing application security assessments for common vulnerabilities (OWASP top 10)
Industry certifications such as CISSP are a plus.
Financial services industry experience.
Hands-on experience with Open Source and commercial tools such as Burp Suite Pro, Metasploit, and Kali Linux.
Experience testing Mobile platforms.
Experience in scripting and/or using command line in Windows and/or Linux.
Extreme resourcefulness with willingness to learn and teach how to characterize adversary tools and techniques, assess and test Company resources, and improve Company defenses.
Demonstrated ability to compromise complex IT systems/applications in enterprise environments.
Very strong analytical capabilities, with problem-solving skills and a common-sense approach to solving problems.
Results-driven, strategic, conceptual, and innovative thinker.
Awareness of the latest cybersecurity trends and developments.
Very strong oral and written communication skills.
You must be 18 years or older
You must have a high school diploma or equivalent
You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the selection process
You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
Effective 1-1-18, new hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 24 months’ time in position before they can post. All internal employees must have at least a “consistently meets expectations” performance rating and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance requirement).
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Reasonable Accommodation Notice:
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.
The salary range for this position is 85,000.00 - 170,000.00 USD Annual
Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible.
Job Family Group:
With roots in consumer finance that trace back to 1932, Synchrony Financial is a leader in consumer credit and promotional financing, providing a range of products for a diverse group of national and regional retailers; including Main Street mainstays, local merchants, manufacturers, buying groups, industry associations and healthcare service providers. We are the largest provider of private label credit cards in the United States based on purchase volume and receivables and we provide co-branded dual card credit cards, promotional financing and installment lending, loyalty programs and FDIC-insured savings products through Synchrony Bank. Who do we serve? Hundreds of thousands of customers across the U.S. and Canada spanning the electronics and appliances, home furnishings, automotive, power products and sports, jewelry and luxury, retail and healthcare industries.
Our purpose is clear: we are committed to pioneering the future of financing, improving the success of every business we serve and the quality of each life we touch. This is fitting because when you join Synchrony Financial, you’re joining an organization that recognizes that our people are our greatest asset —every single one of them. That’s why we are deeply committed to investing in the growth of each member of our team. And with 80 years of experience, we know how to develop talent. At Synchrony Financial, we work hard to offer competitive rewards, compensation and benefits. When you join us, you become part of a stimulating work environment with vast opportunities to sharpen your skills and embrace new leadership challenges.