VP, Cloud IAM Lead Engineer

at Synchrony in Chicago, Illinois, United States

Job Description

Job Description:

Role Summary/Purpose:

The VP, Cloud IAM Lead Engineer will play a critical role in leading the design, engineering, and delivery of AWS IAM solutions for the strategic transformation of Synchrony’s AWS Public Cloud platform. This role will work across organizational boundaries to understand the technology ecosystem and deliver innovative solutions centered around robust preventative controls and automation to drive critical operational excellence, governance, & oversight of IAM for Synchrony’s AWS systems. Additionally, this individual will drive and advance the Cloud IAM Engineering team’s strategy for enabling our business.

We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.

Essential Responsibilities:

+ Design, engineer, deploy, and document AWS IAM solutions working closely with application architects & lead engineers, product teams, information security, and risk management functions.

+ Deploy robust preventative controls & automation to enhance effectiveness of AWS IAM access controls and minimize the AWS IAM attack surface.

+ Establish strong relationships and deeply partner with technology product teams on their journey to develop innovative capabilities for Synchrony using the right solutions, with the right access, at the right time.

+ Drive a culture of continuous process improvement, risk management, & operational excellence through metrics and reporting.

+ Continuously improve AWS IAM Engineering processes to reduce friction & accelerate the adoption of innovative new cloud technologies for Synchrony at scale.

+ Provide deep subject matter expertise for AWS IAM platform services, entities, configuration, and best practices.

+ Apply technical knowledge, industry experience, expertise, and insights to contribute to the development & execution of Cloud IAM Engineering capabilities.

+ Day-to-day management & maintenance of the Cloud IAM Engineering required to support business requirements, application integrations, workloads, regulatory compliance, and all other platform efforts or deliverables.

+ Maintain strong security posture & resiliency through comprehensive compliance and continuous monitoring procedures.

+ Collaborate across cross-functional teams to improve and deliver on business objectives and priorities.

+ Collaborate with various groups and individuals to troubleshoot and resolve escalated production issues.

+ Provide ongoing coaching and mentorship to Cloud IAM Engineers and Junior Cloud IAM engineers to continuously improve the technical knowledge and continuous learning culture across the team.

Qualifications/Requirements:

+ BS/BA in Computer Science / other technical degree or Business Management and 10 years of IT experience or in lieu of degree High School Diploma/GED and 15 years of IT experience.

+ Minimum of 5 years of experience leading engineering efforts for AWS IAM and/or AWS Security initiatives.

+ Minimum of 5 years of experience developing automated solutions using Python scripts, modules, and/or packages for managing AWS configuration.

+ Minimum of 3 years of experience in planning, building, & managing AWS IAM Policies, SAML Roles, Cross-Account Roles, Service-Link Roles, and applying access conditions & restrictions.

+ Minimum of 3 years of experience in the development & operational support of AWS IAM processes, application integrations, vulnerability management, workload support, regulatory compliance, and service delivery/management.

+ Minimum of 2 years of experience developing Infrastructure-as-Code solutions via Terraform.

+ Minimum of 2 years of experience in automating deployments via BitBucket/Git and Jenkins following DevOps & CI/CD best practices.

+ Strong understanding of identity and access management principles and best practices on AWS.

Desired Characteristics:

+ Proven analytical mindset; Ability to identify patterns or correlation within data sets.

+ Critical attention to detail; Ability to coordinate multiple deliverables across multiple teams.

+ Strong executive presence, communication, presentation skills.

+ Strong engineering and architecture skills; especially in information security.

+ Experience working with agile methodologies as a Product Owner and/or Tech Lead on a product team.

+ Hands-on experience working across various identity functions including Identity Governance & Administration, Authentication / Authorization, Directory Services, Privilege Management, and Secrets Management.

+ Experience designing and building resilient API/Microservice solutions with DevOps and fully automated service delivery capabilities.

+ Knowledge of the organization’s enterprise technology goals and objectives.

+ Knowledge of the organization’s core business/mission processes.

+ Knowledge of Personally Identifiable Information (PII) data security standards.

+ Knowledge of Payment Card Industry (PCI) data security standards.

+ Knowledge of laws, policies, procedures, or governance relevant to cybersecurity for critical infrastructures.

+ Knowledge of cyber defense and information security policies, procedures, and regulations.

+ Knowledge of information technology (IT) risk management policies, requirements, and procedures.

+ Skill in creating policies that reflect system security objectives.

Grade/Level: 12

The salary range for this position is 130,000.00 – 210,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements:

+ You must be 18 years or older

+ You must have a high school diploma or equivalent

+ You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

+ You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

+ New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Our Commitment:

When you join us, you’ll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard-but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we’re building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+ (https://www.synchronycareers.com/our-culture/#diversity) , with more than 60% of our workforce engaged, you’ll find