VP, Cloud Risk and Control Manager

Job Description:

Role Summary/Purpose:

The VP, Cloud Risk and Control Manager drives identification and mitigation of risks associated with public cloud migration program and systems implementation. This role requires understanding of public cloud technology, security protocols, and risk management techniques. As the Cloud Risk and Control Manager, you will monitor Synchrony’s public cloud-based systems and assess compliance with Synchrony enterprise risk standards, industry standards, as well as regulatory requirements.  This includes assessing and analyzing potential risks, prioritizing risk areas, and work with relevant teams to identify solutions to address them. You will also collaborate with the Independent Risk Management teams and other functional teams to develop and implement effective risk management strategies, including providing inputs into disaster recovery plans, incident response plans, and overall security protocols.

​To excel in this position, you will need excellent problem-solving skills, attention to detail, ability to conduct broad and targeted risk assessment, and the ability to communicate complex information to both technical and non-technical stakeholders.

Our Way of Working

We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.

Essential Responsibilities:

• Provide risk governance for public cloud systems and migration program management, including risk identification and mitigation approaches across the enterprise.

• Conduct holistic public cloud migration program risk and control assessment and deliver formal written assessment report to stakeholders.

• Define and analyze risks associated with public cloud computing and, in partnership with Chief Data Office and Information Security team, identify potential threats to sensitive data and systems.

• Partner with Information Security team and Independent Risk Management teams to assess cloud security risks and drive remediation efforts.

• Collaborate with Cloud Control team to conduct regular assessments to determine the overall control compliance of public cloud system environments.

• Develop and implement risk management strategies to mitigate the impact of public cloud-related system risks and ensure alignment with enterprise risk standards, regulatory requirements and industry standards/best practices.

• Drive a culture of control compliance

• Keep up-to-date with industry trends and emerging technologies to ensure that cloud risk management strategies remain effective and relevant.

• Ensure stakeholders are informed about industry trends and best practices in public cloud risk management.

• Build strong relationships with Synchrony’s Independent Risk Management teams to identify changes in the business that require  support and oversight.

• Senior management reporting

• Provide regular reporting of risk and control assessment outcome to senior leadership and/or management committees

• Escalate risks/control deficiencies to leadership and/or management committees

• Perform other duties and/or special projects as assigned. 

Qualifications/Requirements:

• Bachelor's degree in Computer Science, Information Technology, or a related field and a minimum of 10+ years of  technology risk management experience; or in lieu of degree 14+ years’ of cloud-specific risk management experience.

• 3+ years of experience working with cloud governance and compliance principles. 

• Proven experience in public cloud computing, risk management, control governance or IT security.

• Risk management expertise on cloud platforms such as AWS, Azure, or Google Cloud.

• Familiarity with compliance standards such as NIST CSF, HIPAA, and ISO 27001.

• Experience communicating effectively with many different levels within an organization, including delivering presentations to Senior Leadership.

Desired Characteristics:

• In-depth understanding of cloud governance and compliance principles. 

• In-depth risk management expertise on cloud platforms such as AWS, Azure, or Google Cloud.

• Certifications such as Certified Information Systems Security Professional (CISSP) or Certified Cloud Security Professional (CCSP).

• Experience with cloud security tools and technologies.

• Excellent analytical skills and ability to translate data into key technical insights with attention to detail.

• Strong communication and interpersonal skills for effective collaboration.

• Ability to manage multiple projects and prioritize tasks effectively.

• Ability to work independently in fast paced environment

• Leadership skills and the ability to influence, manage and motivate teams across different functions.

Grade/Level: 14

The salary range for this position is 170,000.00 - 290,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements:

• You must be 18 years or older

• You must have a high school diploma or equivalent

• You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

• You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

• New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles.  Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles.  Employees, level 8 or greater, must have at least 18 months’ time in position before they can post.  All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required.  We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. 

Our Commitment:

When you join us, you’ll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard—but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we’re building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks+, with more than 60% of our workforce engaged, you’ll find community to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

• Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

• If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627.   Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time

Job Family Group: