VP, Authentication Solutions

Job Description:

Role Summary/Purpose:

The Identity Access Management (IAM) VP, Authentications Solutions is responsible for the design, development, implementation, application integration and improvement of Synchrony's access management solutions including, but not limited to, Single Sign On & Federation, Directory Services, Multifactor and Authentication. Architecting these services to be robust and scalable supporting Synchrony's employees, contractors, clients and customers. Lead a team of IAM engineers as the Okta platform and multi-factor authentication agile product owner.

This position is remote, where you have the option to work from home. On occasion we may request for you to commute to our nearest office for in person engagement activities such as team meetings, training and culture events. To ensure the safety of our colleagues and communities, we require employees who come together in-person to be fully vaccinated. We're proud to offer you choice and flexibility.

Essential Responsibilities:

• The ideal candidate for this role will embrace the exciting blend of technical expertise, project management, engagement ability and leadership that is required to be successful.
• Provide strategic foresight and long-term development planning for future authentication technologies in Synchrony.
• Lead Synchrony's authentication architecture roadmap to transform business requirements into technical IAM requirements for complex integrations.
• Provide authentication development best practices and coaching to application teams and IAM SSO engineers.
• Update Synchrony's SSO authentication integration playbook and creating IAM authentication design patterns for future integration capabilities.
• Collaborate with key enablers and infrastructure teams such as Network, Perimeter Security, Cloud Engineering, SailPoint, RBAC, RPA (Robotic Process Automation), PCF (Pivotal Cloud Foundry), Active Directory and Security Administration teams to ensure end to end coverage of Authentication, Authorization, Identity Governance, Automation Processes and seamless SSO integration.
• Stage, test and implement new SSO integrations, as well as application integration enhancements and reconfigurations.

Qualifications/Requirements:

• Bachelor's degree in Computer Engineering or related field, with a minimum of 5 years of experience in Information Security OR in lieu of the Bachelor's degree, a minimum of 7 years of experience in Information Security
• Minimum of 3 years of experience in the development and/or operational experience with Okta including platform implementation, installation, configuration & administration.
• Minimum of 3 years of implementation experience with SSO and federation using SAML 1.x, SAML 2.0, Oauth, OIDC and WS-federation
• Must have knowledge of application authentications within iOS, Android, MacOS, Windows, Citrix, VDI, ChromeOS and Linux operating systems across multiple web browsers (Chrome, Edge, IE).
• Must have knowledge of application stack, infrastructure and cloud computing to design solutions focusing on scalability, resiliency, performance and efficiency.

Desired Characteristics:

• Working knowledge of Sailpoint Identity IIQ, Bomgar Privileged Identity (formerly Lieberman Rapid Enterprise Defense (RED) Identity Management) and RSA Authentication Manager, Yubikeys
• Strong analytical and clear-thinking skills
• Excellent team skills and self-motivated
• Experience in enterprise level security in a financial institution
• Experience of designing and using REST/SOAP web services
• Experience with Identity Brokers/IDaaS solutions like Okta, PingOne, AWS SSO or Azure AD
• Experience with CASBs (Cloud Access Security Brokers)

Eligibility Requirements:

• You must be 18 years or older
• You must have a high school diploma or equivalent
• You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
• You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
• New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months' time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 24 months' time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don't meet the time in position or performance expectations).

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice:

• Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
• If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am - 5pm Monday to Friday, Central Standard Time.

The salary range for this position is 85,000.00 - 170,000.00 USD Annual

Salaries are adjusted according to market in CA and Metro NY and some positions are bonus eligible.

Grade/Level: 12

Job Family Group:

Information Technology