OneMain Financial Jobs

Job Information

Synchrony VP, Security Engineering Programs & Controls in Costa Mesa, California

Job Description:

Role Summary/Purpose:

The VP, Security Engineering Programs & Controls will lead modernization of the Information Security Engineering control landscape, ensuring a complete vision for control coverage and standardization across all Security Engineering functions. The ideal candidate will have tactical and strategic experience in organizing and driving technology programs, and demonstrate a keen ability to integrate Governance, Risk, and Compliance (GRC) deliverables into program execution. The ideal candidate will have a working awareness of information security technologies, excellent organizational skills, and the ability to influence without direct authority to advance key security objectives.

Our Way of Working

We're proud to offer you flexibility. At Synchrony, our way of working allows you to have the option to work from home near one of our Hubs or come into one of our offices. Occasionally you will be required to commute or travel for in person engagement activities such as business or team meetings, training and culture events.

*Field Sales and some Commercial team roles may have varied location requirements based upon partner obligations or preferences.

Essential Responsibilities:

  • Assess and create a vision for strengthening the GRC practices of Security Engineering including but not limited to publication of security controls, authoring and/or revision of ancillary documentation (e.g., Synchrony Policies, Standards, and Procedures), and evidence-gathering practices

  • Advocate for and facilitate the integration of GRC into Security Engineering programs

  • Partner with Risk Managers and Governance personnel to ensure organizational alignment

  • Build and maintain a Security Engineering control library mapped to enterprise risks and frameworks (e.g., NIST/FFIEC/PCI as applicable).

  • Standardize evidence requirements, retention, and automation opportunities (e.g., GRC tooling, CI/CD artifacts, logging sources).

  • Partner on control testing/assurance activities (design/operating effectiveness), including periodic reviews and control health metrics.

  • Prioritize and align security objectives with the controls necessary for risk mitigation and operational efficiency

  • Lead and manage cross-functional information security engineering initiatives

  • Provide executive-ready communications and influence decisions through data and risk-based narratives.

  • Coordinate project planning, resource allocation, risk management, and stakeholder engagement to ensure program milestones are met. Establish and run a Security Engineering program governance cadence (steering, RAID, milestone reviews).

  • Drive consistent delivery artifacts: charters, business cases (as needed), integrated plans, RAID logs, comms plans.

  • Build strong collaborative relationships with security engineers, architects, compliance teams, and business partners to drive program success.

  • Act as a key liaison between technical teams and business units, facilitating communication and consensus without direct authority.

  • Develop and maintain program documentation including roadmaps, status reports, risk registers, and post-mortem analyses.

  • Monitor project progress, identify and mitigate risks and blockers, escalating issues strategically when needed.

  • Stay informed on emerging information security technologies and industry trends to provide context and guidance for program direction.

  • Advocate for best practices in security engineering project execution and contribute to continuous improvement of program management processes.

  • Drive initiatives with strong organizational discipline, attention to detail, and proactive problem-solving mindset.

  • Perform other duties and/or special projects as assigned.

Qualifications/Requirements:

  • Bachelor's degree in Information Technology, Cybersecurity, Business Administration, or a related discipline is preferred; in lieu of a degree, minimum 6 years of relevant experience will be considered.

  • 5+ years of program or project management experience in information security or IT engineering environments.

  • Awareness and conceptual understanding of information security technologies such as data protection or encryption

  • Experience collaborating with cross-functional technology teams, including engineers, architects, and compliance professionals.

  • PMP, PMI-ACP, or similar project management certification is a plus.

  • Ability and flexibility to travel for business as required

Desired Characteristics:

  • Fundamental understanding of Governance, Risk, and Compliance concepts, such as correlation of controls to registered risks

  • Familiarity with regulatory / compliance frameworks such as NIST, CRI, FFIEC, and PCI DSS

  • Solid understanding of information security concepts and emerging technologies, including cryptography, data protection, and endpoint security

  • Demonstrated success managing complex technology programs in cybersecurity or related technical fields.

  • Exceptional interpersonal skills with proven ability to influence and collaborate across multiple teams and stakeholders without direct reporting lines.

  • Strong organizational and multitasking abilities, capable of managing competing priorities effectively.

  • Experience with agile and traditional project management methodologies and tools.

  • Ability to communicate technical concepts clearly to both technical and non-technical audiences.

  • Keen problem-solving, analytical skills, and a proactive approach to driving project outcomes.

Grade/Level: 13

The salary range for this position is 155,000.00 - 260,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements:

  • You must be 18 years or older

  • You must have a high school diploma or equivalent

  • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process

  • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.

  • New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months' time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Our Commitment:

When you join us, you'll be part of an inclusive culture where your individual skills, experience, and voice are not only heard - but valued. Together, we're building a future where we can all belong, connect, and turn ideals into action. More than 50% of our workforce is engaged in our Employee Resource Groups (ERGs), where community and passion intersect to offer a safe space to learn and grow.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status. We're proud to have an award-winning culture for all.

Reasonable Accommodation Notice:

  • Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

  • If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am - 5pm Monday to Friday, Central Standard Time.

Job Family Group:

Information Technology
