1 day ago

Logo of Synchrony Ventures

VP, Cloud IAM Lead Engineer

Synchrony Ventures

Cincinnati, OHAlpharetta, GAKansas City, MORemoteNew York, NYUSCharlotte, NCKansas City, KSChicago, IL

Job Description:

Role Summary/Purpose:

The VP, Cloud IAM Lead Engineer will be a team member supporting the design, engineering, and delivery of AWS IAM solutions for the strategic modernization & transformation of Synchrony’s AWS Public Cloud platform.  Lead engineers will typically support all areas within the function, while also leading a particular subject-matter (ie: automation, governance, security, etc.) or stakeholder relationship.  This role will work across organizational boundaries to understand the technology ecosystem and deliver innovative solutions to enable and scale access to cloud services.

We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.

Essential Responsibilities:

  • Design, engineer, deploy, and document AWS IAM solutions working closely with application architects & lead engineers, product teams, information security, and risk management functions.
  • Deploy robust preventative controls & automation to enhance effectiveness of AWS IAM access controls and minimize the AWS IAM attack surface.
  • Establish strong relationships and deeply partner with technology product teams on their journey to develop innovative capabilities for Synchrony using the right solutions, with the right access, at the right time.
  • Drive a culture of continuous process improvement, risk management, & operational excellence through metrics and reporting.
  • Continuously improve AWS IAM Engineering processes to reduce friction & accelerate the adoption of innovative new cloud technologies for Synchrony at scale.
  • Provide deep subject matter expertise for AWS IAM platform services, entities, configuration, and best practices.
  • Apply technical knowledge, industry experience, expertise, and insights to contribute to the development & execution of Cloud IAM Engineering capabilities.
  • Day-to-day management & maintenance of the Cloud IAM Engineering required to support business requirements, application integrations, workloads, regulatory compliance, and all other platform efforts or deliverables.
  • Maintain strong security posture & resiliency through comprehensive compliance and continuous monitoring procedures.
  • Collaborate across cross-functional teams to improve and deliver on business objectives and priorities.
  • Collaborate with various groups and individuals to troubleshoot and resolve escalated production issues.
  • Provide ongoing coaching and mentorship to Cloud IAM Engineers and Junior Cloud IAM engineers to continuously improve the technical knowledge and continuous learning culture across the team.

Qualifications/Requirements:

  • BS/BA in Computer Science / other technical degree or Business Management and 7 years of IT experience or in lieu of degree High School Diploma/GED and 10 years of IT experience.
  • 5+ years of experience engineering AWS IAM and/or AWS Security solutions.
  • 5+ years of experience developing automated solutions using Python scripts, modules, and/or packages for managing AWS configuration. 
  • 3+ years of experience in planning, building, & managing AWS IAM Policies, SAML Roles, Cross-Account Roles, Service-Link Roles, and applying access conditions & restrictions.
  • 3+ years of experience in the development & operational support of AWS IAM processes, application integrations, vulnerability management, workload support, regulatory compliance, and service delivery/management.
  • 2+ years of experience developing Infrastructure-as-Code solutions via Terraform.
  • 2+ years of experience in automating deployments via BitBucket/Git and Jenkins following DevOps & CI/CD best practices.
  • Strong understanding of identity and access management principles and best practices on AWS.

Desired Characteristics:

  • Proven analytical mindset; Ability to identify patterns or correlation within data sets.
  • Critical attention to detail; Ability to coordinate multiple deliverables across multiple teams.
  • Strong communication, and ability to articulate technical requirements to technical and non-technical stakeholders.
  • Strong engineering and architecture skills; especially in information security.
  • Experience working with agile methodologies.
  • Hands-on experience working across various identity functions including Identity Governance & Administration, Authentication / Authorization, Directory Services, Privilege Management, and Secrets Management.
  • Experience designing and building resilient API/Microservice solutions with DevOps and fully automated service delivery capabilities.
  • Knowledge of Personally Identifiable Information (PII) data security standards.
  • Knowledge of Payment Card Industry (PCI) data security standards.
  • Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.
  • Knowledge of cyber defense and information security policies, procedures, and regulations.
  • Knowledge of information technology (IT) risk management policies, requirements, and procedures.
  • Industry recognized certifications such as AWS, CCSP, CISSP, CISA, CISM, GISP, CASP, etc.

Grade/Level: 12

The salary range for this position is 130,000.00 - 210,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements:

  • You must be 18 years or older

  • You must have a high school diploma or equivalent

  • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

  • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

  • New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles.  Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles.  Employees, level 8 or greater, must have at least 18 months’ time in position before they can post.  All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required.  We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. 

Our Commitment:

When you join us, you’ll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard—but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we’re building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+, with more than 60% of our workforce engaged, you’ll find community to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

  • Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

  • If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627.   Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time

Job Family Group:

Information Technology