Role Summary/Purpose:
The AVP, Security Engineering Controls Program Analyst will support the modernization and operationalization of the Information Security Engineering control landscape. This role helps maintain a consistent control library and supporting documentation (e.g., standards, procedures, and control narratives), and supports program execution activities that embed Governance, Risk, and Compliance (GRC) requirements into Security Engineering work. The ideal candidate is highly organized, detail-oriented, and able to coordinate across teams to drive timely delivery of control-related artifacts and program milestones.
Essential Responsibilities:
Support the maintenance of a Security Engineering control library, including mapping controls to enterprise risks and applicable frameworks (e.g., NIST/FFIEC/PCI as applicable).
Draft, update, and publish control documentation and supporting materials, including control narratives, standards, procedures, and job aids.
Coordinate evidence expectations by documenting required artifacts, partnering with engineering teams to locate/collect evidence, and tracking retention needs.
Support integration of control requirements into Security Engineering initiatives by helping manage plans, milestones, dependencies, and deliverables.
Establish and maintain program execution artifacts such as meeting notes, action logs, RAID logs, status reporting, and milestone tracking.
Partner with GRC and Risk stakeholders to clarify control intent, support control health discussions, and ensure alignment of documentation and deliverables.
Assist with periodic control reviews by coordinating inputs, tracking issues/findings, and supporting remediation action tracking.
Identify opportunities to improve consistency and efficiency in control documentation and evidence collection (e.g., templates, automation ideas, tooling enhancements) and raise recommendations to program leads.
Prepare materials for stakeholder updates and assist in communicating progress, risks, and blockers to appropriate audiences.
Perform other duties and/or special projects as assigned.
Qualifications/Requirements:
Bachelor’s degree in Information Technology, Cybersecurity, Business Administration, or related field preferred; or equivalent relevant experience.
1–3 years of experience in program/project coordination, technology operations, GRC support, risk/compliance, or information security.
Foundational understanding of information security concepts (e.g., access management, logging/monitoring, encryption/data protection, vulnerability management).
Experience coordinating across cross-functional teams and managing multiple tasks with deadlines.
Proficiency with common documentation and work management tools (e.g., MS Office/Google Workspace; Jira/Confluence/ServiceNow or similar).
Ability and flexibility to travel for business as required.
Desired Characteristics:
Basic familiarity with control frameworks and terminology (e.g., NIST, FFIEC, PCI DSS) and how controls relate to risk.
Strong written communication skills, including the ability to produce clear documentation and summarize work for stakeholders.
Strong attention to detail and ability to follow structured processes while improving them over time.
Collaborative working style with the ability to influence through coordination, follow-through, and relationship building.
Comfort learning new technical concepts and operating in a dynamic environment with shifting priorities.
Grade/Level: 10
The salary range for this position is 100,000.00 - 170,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.
Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.
Salaries are adjusted according to market in CA, NY Metro and Seattle.
Our Way of Working:
We’re proud to offer you flexibility. At Synchrony, our way of working allows you to have the option to work from home near one of our Hubs or come into one of our offices. You will be required to commute to your nearest Hub (either virtual or physical) for in-person engagement activities such as regular business or team meetings, training and culture events.
*Field Sales and some Commercial team roles may have varied location requirements based upon partner obligations or preferences.
Eligibility Requirements:
You must be 18 years or older
You must have a high school diploma or equivalent
You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).
Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.
Our Commitment:
When you join us, you’ll be part of an inclusive culture where your individual skills, experience, and voice are not only heard – but valued. Together, we’re building a future where we can all belong, connect, and turn ideals into action. More than 50% of our workforce is engaged in our Employee Resource Groups (ERGs), where community and passion intersect to offer a safe space to learn and grow.
This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status. We’re proud to have an award-winning culture for all.
Reasonable Accommodation Notice:
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time
Job Family Group:
Information Technology