AVP, Security Engineer

Company: Disability Solutions
Location: New York
Posted on: January 18, 2025

Job Description:

Job Description:Role Summary/Purpose:The AVP,---Application Security Engineer---will be responsible for leading and driving---Public Cloud engineering activities for the Application Security program.---This includes designing and building Application Security capabilities and technologies to support the Application Security strategy and vision.---In this role, this individual will be working closely with the Application Security leadership and team to ensure delivery of Cloud activities as part of the Application Security Program Roadmap. This role involves collaborating with cross-functional teams to develop and enforce security policies, identify vulnerabilities, and create robust security solutions for cloud-based systems.----Our Way of WorkingWe're proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.Essential Responsibilities:The Application Security Engineer coordinates across all elements of the IT organization at all levels, including senior executives. This role requires experience in information security, cloud security, vulnerability management, and secure code development; the candidate will be viewed as (and must be) a subject-matter expert.---Responsibilities include:-------

• Partners with the Application Security leadership to define the intent, vision, and roadmap for Cloud Application Security engineering efforts.--
• Accountable for the design and build of the application security technologies and capabilities.----
• Stays current with the emerging threat landscape and develops/enhances capabilities and tooling to safeguard the business from various threats.----
• Partners closely with the Application Security program to ensure tooling and capabilities are meeting business and regulatory requirements.----
• Provides strong problem-solving engineering expertise in the relevant domain.----
• Strives for continuous improvement and the development of an engineering excellence program. Expected to identify gaps/inefficiencies and proactively implement custom engineered solutions to automate and streamline workflows across technical domains.----
• Ensures that as part of designing and building efficient cyber security capabilities, engineered solutions are implemented with industry best practices, compliance, and regulatory requirements such as PCI-DSS, HIPAA, etc.----
• Work with existing solution vendors to identify, evaluate,-- implement, and optimize technical engineering solutions to meet business needs in alignment with Application Security program standards.--
• Provide technical leadership and subject-matter expertise to constituents' firm-wide on Application Security in the Public Cloud best practices.--
• Familiar with Software Development Life Cycle (SDLC) framework and experienced with Continuous Integration and Continuous Delivery (CI/CD) toolsets and principles in line with proper change management and automated security testing within pipelines.----
• Assess our current cloud security and propose improvements or solutions--
• Expert understanding of proper cloud and network design, architecture, and security principles across public and private cloud technologies in an enterprise environment.----
• Detailed understanding of container security, architectures, best practices, and related risks.--
• Perform other duties and/or special projects as assigned.Qualifications/Requirements:
  • Bachelor's degree and a minimum 5 years of work experience in IT OR in in lieu of a degree, a High School Diploma/GED and minimum 7 years work experience--
  • Minimum of 4 years of experience in information security or related technology experience.-----
  • Minimum 3 years of experience with regulatory compliance and information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.)--
  • Experience deploying services in a multi-cloud environment--
  • One or more relevant or related cloud certifications (AWS, Azure or GCP).--Desired Characteristics:
    • Demonstrated technical expertise in existing security and IT systems and an ability to keep pace with changing security and IT technologies--
    • Experience in securing Cloud, Containers, IaC--
    • Knowledgeable in scripting (Powershell, Bash, Python, etc) and automation--
    • Experience with container and orchestration solutions, including Kubernetes, OpenShift, or managed services such as AWS EKS, GCP GKE, or Azure AKS------
    • Strong interpersonal skills, with an emphasis on demonstrating previous experience effectively influencing others at all levels within the organization and cross functionally----
    • A team-focused mentality with proven experience to work effectively with diverse stakeholders----
    • Demonstrated experience communicating complex and technical issues to diverse audiences, verbally and in writing, in an easily-understood, and actionable manner--
    • Knowledge of application development practices and tool sets.--
    • Deep knowledge of and experience in vulnerability management, risk management, and information security.--Grade/Level: 11The salary range for this position is 110,000.00 - 185,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.Salaries are adjusted according to market in CA, NY Metro and Seattle.Eligibility Requirements:
      • You must be 18 years or older
      • You must have a high school diploma or equivalent
      • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
      • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
      • New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles.-- Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles.-- Employees, level 8 or greater, must have at least 18 months' time in position before they can post.-- All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance expectations).Legal authorization to work in the U.S. is required.-- We will not sponsor individuals for employment visas, now or in the future, for this job opening.--All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.--Our Commitment:When you join us, you'll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard-but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we're building a future where we can all belong, connect and turn ideals into action. Through the power of our 8--, with more than 60% of our workforce engaged, you'll find community to connect with an opportunity to go beyond your passions.This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.Reasonable Accommodation Notice:
        • Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
        • If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627.---- Representatives are available from 8am - 5pm Monday to Friday, Central Standard TimeJob Family Group:Information Technology

Keywords: Disability Solutions, East Orange , AVP, Security Engineer, Engineering , New York, New Jersey