Synchrony

VP, Staff Cryptography Engineer

Synchrony$135K — $230K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree with 5+ years in Application Development, Information Security, Systems Engineering or related; or 7+ years equivalent experience without a degree
  • 3+ years of Cloud experience
  • 3+ years in Cryptography
  • 3+ years in DevSecOps
  • 3+ years in leadership roles, preferably as a Cryptography Engineer
  • 4+ years with regulatory compliance frameworks (COBIT, ISO27001, NIST)
  • Technical expertise in a wide range of security technologies and languages such as AWS, Azure, Python, and Terraform.

Responsibilities

  • Promote engineering excellence through automation and collaboration
  • Collaborate with architecture to identify and resolve capability gaps
  • Lead ongoing DevSecOps support for a global cryptography program
  • Manage technology lifecycle and identify capability overlaps
  • Ensure compliance with change management and incident management processes
  • Develop and review documentation related to security infrastructure
  • Mentor team members and provide subject-matter expertise

Benefits

  • Flexibility to work from home or one of the company hubs
  • Opportunity for professional development and training
  • Empowerment to take ownership of built technology through a 'you build it you own it' model
  • Collaborative work environment with Agile processes
  • Participation in leadership and mentoring roles within the team
Full Job Description
Role Summary/Purpose:

The VP, Staff Cryptography Engineer will serve as a key role in safeguarding enterprise multi-cloud systems, networks, and data. The position is responsible for designing, developing, driving, implementing, leading and managing multi-cloud Information Security Engineering activities for the Cryptography program, including the underlying capabilities/technologies. In addition, this role will be responsible for acting as a trusted peer and stakeholder advisor within the organization, working closely with Information Security Engineering leadership to ensure delivery of the overall program roadmap against the Cryptography strategy and vision.

The VP, Staff Cryptography Engineer is part of the Synchrony Information Security Cryptography Team, serving as a Public Key Infrastructure (PKI) lead while supporting other efforts, such as Cloud Security, Cryptography, Information Security, Key/Secrets Management, Privacy, and Tokenization. The candidate would have an engineering position focused on delivering critical/key enterprise data protection controls, efficient supporting processes, & comprehensive automation capabilities to protect & enable Synchrony's Information Security Engineering strategy at scale. The candidate is expected to have a strong understanding and technical work experience with Cloud Security, Cryptography, DevSecOps, Information Security, Key/Secrets Management, PKI (competency skills/work experience domains include automation, controls, governance, lifecycle management, operations, process engineering, and security standards development).

Essential Responsibilities:

  • Adopting and promoting engineering excellence by identifying efficiencies and synergies through means of automation, collaboration, and orchestration
  • Collaborates with architecture to identify capability gaps, develop requirements, identify solutions to address, assist with proof of concepts and testing of solutions
  • Implementation and technical lead responsibilities that include ongoing DevSecOps/Engineering support for a global cryptography program that leverages a portfolio of multi-cloud data protection capabilities
  • Managing technology from the ground up and understanding gaps within the tech stack, including overlap with other technology and/or coverage, capability gaps
  • Maintaining technology from a business as usual (BAU) aspect by ensuring the proper change management, disaster recover, incident management processes are occurring and current
  • Participate as one of several technical leads on team of Information Security engineers
  • Participate in authoring, editing, providing, or reviewing documentation (procedures, standards) to ensure a well-managed and mature security infrastructure
  • Partners with peers within the organization to effectively prioritize work by using Agile processes and ensuring risks, impediments, and asks are brought to leadership in a timely fashion
  • Plays a hands-on role in the engineering and implementation of multi-cloud security measures that protect enterprise applications, computer systems, information, infrastructure, and networks
  • Plays a key role in designing and building multi-cloud solutions that safeguard the organizations platforms and systems
  • Proactively identifies problems and clearly articulates solutions and recommendations
  • Provide day-to-day administration and support for multi-cloud infrastructure related to API, application security, firewalls, encryption, intrusion detection systems, PKI, secrets management, vulnerability scanning, security monitoring tools, penetration testing, authentication, web filtering, identity management, or access control systems, and their associated logs and processes
  • Providing engineering/operations support for multi-cloud technology and processes, ensuring superior customer service is being met, and identifying process improvements
  • Serving as a leader, mentor, and subject-matter expert (SME) to other Information Security team members and/or stakeholders throughout the organization
  • Serving as a SAFe Product Owner for cryptographic technologies, accountable for defining/leading/maintaining the team backlog and product roadmap
  • Supporting a "you build it you own it" model - meaning the technology built by Engineering is also supported from a wing-to-wing operations aspect
  • Works closely with Information Security program manager, scrum master, and architects to convey technical impacts to development/engineering timeline and risks
  • Work independently in identifying opportunities to improve engineering or other performance for Information Security/Technology & other functions across Synchrony
  • Work with Enterprise and Information Security/Technology application owners, architects, developers, engineers, and governance teams to drive program delivery
  • Perform other duties and/or special projects as assigned


Qualifications/Requirements:

  • Bachelor degree with a minimum of 5 years experience in Application Development, Information Security, Systems Engineering or related field; in lieu of a degree, a High School Diploma/GED and minimum 7 years equivalent work experience
  • Minimum 3+ years of experience in Cloud
  • Minimum 3+ years of experience in Cryptography
  • Minimum 3+ years of experience in DevSecOps
  • Minimum 3+ years of experience in leadership roles (as Cryptography Engineer is preferred)
  • Minimum 4+ years of experience with regulatory compliance and information security management frameworks (e.g., COBIT, ISO27001, NIST, etc.)
  • Proficient hands-on technical/working expertise with API development, API security, AWS (Certificate Manager, KMS, Private CA, Secrets Manager), Azure (Key Vault), big data, CI/CD pipelines, Cloudbees/Jenkins, Cloudera, containers, cryptography methodologies, data encryption, databases, GCP (Cloud KMS, Secret Manager) Git/Github, Go, HashiCorp Vault, Java, key/secrets management, Linux, Perl, PKI, Python, storage security, Terraform, tokenization
  • Excellent oral communication and writing skills. Adept and presenting complex topics, influencing and executing with timely / actionable follow-through


Desired Characteristics:

  • Ability to work under pressure and sustain productivity with multiple simultaneous projects across cross-functional engineering and operational information security teams
  • Certifications in audit, big data, cloud, cybersecurity, governance, information security, PCI, privacy, risk; AWS, Azure, CSA, GCP, GIAC, IAPP, ISC2, ISACA, PCI
  • Cloud Security experience, especially around designing, building, managing solutions with the following vendors:
  • AWS (Primary)
  • Azure
  • GCP
  • Creativity and individual thinking, the ability to work both independently & with teams
  • Cyber Security experience, especially around designing, building, managing solutions
  • Demonstrate technical expertise in existing Information Technology/Security systems with the ability to keep pace with evolving security and technologies
  • Demonstrate an understanding of business needs and commitment to delivering consistent, efficient, high quality, reliable and responsive service to the business
  • Demonstrate an understanding of the impact of emerging business and end-user technologies have on Information Security architecture/engineering requirements
  • Demonstrated experience communicating complex and technical issues to diverse audiences (verbally and in writing), in an actionable and easy to understand manner
  • Demonstrated team focused mentality with proven experience to work effectively with diverse stakeholders
  • Experience with Agile, Scaled Agile (SAFe), Scrum
  • Familiarity with problem and incident management, change management, notifications, and basic operational understanding of running and maintaining infrastructure
  • Proven strong decision-making capabilities, with a proven track record of weighing relative benefits/costs of potential actions and identifying the most appropriate one
  • Strong and efficient problem-solving and analytical skills, willingness to learn
  • Strong interpersonal skills with an emphasis on demonstrating previous experience at effectively influencing others, cross functionally at all levels within the organization
  • Understanding of information security practices and policies, including risks and threats
  • Understanding of various public cloud deployment/platform/service models from a development, engineering, infrastructure, and information security aspect


Grade/Level: 12

The salary range for this position is 135,000.00 - 230,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Our Way of Working:

We're proud to offer you flexibility. At Synchrony, our way of working allows you to have the option to work from home near one of our Hubs or come into one of our offices. You will be required to commute to your nearest Hub (either virtual or physical) for in-person engagement activities such as regular business or team meetings, training and culture events.

*Field Sales and some Commercial team roles may have varied location requirements based upon partner obligations or preferences.

Job Family Group:
Information Technology

About Synchrony

Synchrony (NYSE: SYF) is a leading consumer financing company at the heart of American commerce and opportunity. From health to home, auto to retail, our Synchrony products have been serving the needs of people and businesses for nearly 100 years. We provide responsible access to credit and banking products to support healthier financial lives for tens of millions of people, enabling them to access the things that matter to them. Additionally, through our innovative products and experiences, we support the growth and operations of some of the country's most respected brands, as well as more than 400,000 small and midsize businesses and health and wellness providers that Americans rely on. Synchrony is proud to be ranked as the country's #2 Best Company to Work For® by Fortune magazine and Great Place to Work®.
Learn more about Synchrony
Size
18,000 employees
Market Cap
$14.4 billion
Industry
Net Income
$1.3 billion
Founded
1993
5 Year Trend
+0.7%
NASDAQ

Similar Jobs

More Jobs at Synchrony

More Information Technology Jobs

Find similar VP, Staff Cryptography Engineer jobs: