VP, Security Engineering Programs & Controls
Company: Synchrony Financial
Location: Costa Mesa
Posted on: March 18, 2026
Job Description:
Job ID: 2600764

Role Summary/Purpose
The VP, Security Engineering Programs & Controls will lead modernization of the Information Security Engineering control landscape, ensuring a complete vision for control coverage and standardization across all Security Engineering functions. The ideal candidate will have tactical and strategic experience in organizing and driving technology programs, and demonstrate a keen ability to integrate Governance, Risk, and Compliance (GRC) deliverables into program execution. The ideal candidate will have a working awareness of information security technologies, excellent organizational skills, and the ability to influence without direct authority to advance key security objectives.

Our Way of Working
We’re proud to offer you flexibility. At Synchrony, our way of working allows you to have the option to work from home near one of our Hubs or come into one of our offices. Occasionally you will be required to commute or travel for in person engagement activities such as business or team meetings, training and culture events.
*Field Sales and some Commercial team roles may have varied location requirements based upon partner obligations or preferences.

Essential Responsibilities
- Assess and create a vision for strengthening the GRC practices of Security Engineering including but not limited to publication of security controls, authoring and/or revision of ancillary documentation (e.g., Synchrony Policies, Standards, and Procedures), and evidence-gathering practices
- Advocate for and facilitate the integration of GRC into Security Engineering programs
- Partner with Risk Managers and Governance personnel to ensure organizational alignment
- Build and maintain a Security Engineering control library mapped to enterprise risks and frameworks (e.g., NIST/FFIEC/PCI as applicable).
- Standardize evidence requirements, retention, and automation opportunities (e.g., GRC tooling, CI/CD artifacts, logging sources).
- Partner on control testing/assurance activities (design/operating effectiveness), including periodic reviews and control health metrics.
- Prioritize and align security objectives with the controls necessary for risk mitigation and operational efficiency
- Lead and manage cross-functional information security engineering initiatives
- Provide executive-ready communications and influence decisions through data and risk-based narratives.
- Coordinate project planning, resource allocation, risk management, and stakeholder engagement to ensure program milestones are met.
- Establish and run a Security Engineering program governance cadence (steering, RAID, milestone reviews).
- Drive consistent delivery artifacts: charters, business cases (as needed), integrated plans, RAID logs, comms plans.
- Build strong collaborative relationships with security engineers, architects, compliance teams, and business partners to drive program success.
- Act as a key liaison between technical teams and business units, facilitating communication and consensus without direct authority.
- Develop and maintain program documentation including roadmaps, status reports, risk registers, and post-mortem analyses.
- Monitor project progress, identify and mitigate risks and blockers, escalating issues strategically when needed.
- Stay informed on emerging information security technologies and industry trends to provide context and guidance for program direction.
- Advocate for best practices in security engineering project execution and contribute to continuous improvement of program management processes.
- Drive initiatives with strong organizational discipline, attention to detail, and proactive problem-solving mindset.
- Perform other duties and/or special projects as assigned.

Qualifications/Requirements
- Bachelor's degree in Information Technology, Cybersecurity, Business Administration, or a related discipline is preferred; in lieu of a degree, minimum 6 years of relevant experience will be considered.
- 5 years of program or project management experience in information security or IT engineering environments.
- Awareness and conceptual understanding of information security technologies such as data protection, encryption, or data protection
- Experience collaborating with cross-functional technology teams, including engineers, architects, and compliance professionals.
- PMP, PMI-ACP, or similar project management certification is a plus.
- Ability and flexibility to travel for business as required

Desired Characteristics:
- Fundamental understanding of Governance, Risk, and Compliance concepts, such as correlation of controls to registered risks
- Familiarity with regulatory / compliance frameworks such as NIST, CRI, FFIEC, and PCI DSS
- Solid understanding of information security concepts and emerging technologies, including cryptography, data protection, and endpoint security
- Demonstrated success managing complex technology programs in cybersecurity or related technical fields.
- Exceptional interpersonal skills with proven ability to influence and collaborate across multiple teams and stakeholders without direct reporting lines.
- Strong organizational and multitasking abilities, capable of managing competing priorities effectively.
- Experience with agile and traditional project management methodologies and tools.
- Ability to communicate technical concepts clearly to both technical and non-technical audiences.
- Keen problem-solving, analytical skills, and a proactive approach to driving project outcomes.

Eligibility Requirements
- You must be 18 years or older
- You must have a high school diploma or equivalent
- You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
- You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Our Commitment
When you join us, you’ll be part of an inclusive culture where your individual skills, experience, and voice are not only heard – but valued. Together, we’re building a future where we can all belong, connect, and turn ideals into action. More than 50% of our workforce is engaged in our Employee Resource Groups (ERGs), where community and passion intersect to offer a safe space to learn and grow. This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status. We’re proud to have an award-winning culture for all.

Grade/Level: 13
The salary range for this position is 155,000.00 – 260,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance. Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge. Salaries are adjusted according to market in CA, NY Metro and Seattle.

Reasonable Accommodation Notice
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment. If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time.

Job Family Group: Information Technology
Keywords: Synchrony Financial, West Covina, VP, Security Engineering Programs & Controls, IT / Software / Systems, Costa Mesa, California