Job Description:
Role Title: AVP, Cloud Security Automation Engineer (L11)
Company Overview :
Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.
We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies.
We provide best-in-class employee benefits and programs that cater to worklife integration and overall well-being.
We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles
Organizational Overview:
Synchrony’s Information Security (InfoSec) program protects the company’s information assets, technology environments, and customer data by managing security risk, establishing security standards, and enabling secure business operations. InfoSec partners with business and technology teams to integrate security into processes, products, and platforms while meeting regulatory, legal, and contractual obligations. The organization provides governance, oversight, and security services that reduce the likelihood and impact of cyber threats and strengthen enterprise resilience. This role is part of Information Security Engineering and reports to the Perimeter Defense Engineering Manager.
Role Summary/Purpose:
We are seeking an experienced Cloud Security Automation Engineer to build and operate cloud security automation using Infrastructure-as-Code (IaC) and CI/CD tooling, including Terraform, AWS CloudFormation, Ansible, and Jenkins. This role will strengthen and scale security governance by automating compliance enforcement, enhancing security controls through continuous detection and automated remediation, and embedding secure-by-design and secure-by-default principles across cloud platforms.
The engineer will partner closely with DevOps and Application teams to consult, guide, and enable them to design, deploy, and maintain secure cloud infrastructure and services through repeatable, policy-driven automation.
Key Responsibilities:
Build and maintain cloud security automation using IaC and CI/CD tooling (e.g., Terraform, CloudFormation, Ansible, Jenkins), embedding security controls into modules and pipelines for secure-by-design deployments.
Automate AWS security compliance enforcement aligned to organizational and regulatory requirements, including policy checks/guardrails, drift detection, and vulnerability analysis.
Implement automated detection and remediation for cloud misconfigurations and security control gaps; continuously tune rules to reduce false positives and expand coverage as services evolve.
Develop and standardize reusable security templates, patterns, and automation frameworks to improve consistency and repeatability across cloud environments.
Partner with DevOps and application teams to review architecture early, provide hands-on security guidance/enablement, and document standards and runbooks for operational readiness.
Required Skills/Knowledge
Bachelor’s degree with 8 years of relevant experience in cloud security and automation, including designing and implementing automated cloud infrastructure, security controls, and CI/CD-driven operational workflows, well-aligned for a Cloud Automation Engineer role in Lieu of a degree 10 years of relevant experience in cloud security and automation, including designing and implementing automated cloud infrastructure, security controls, and CI/CD-driven operational workflows, well-aligned for a Cloud Automation Engineer role.
Expert-level Infrastructure as Code (IaC) skills (CloudFormation, Terraform, Ansible) to build and manage cloud infrastructure and security group policies at scale.
Strong CI/CD automation and orchestration experience (Jenkins, CloudBees, or equivalent), including automating security guardrails and policy enforcement in partnership with DevOps teams.
Proficient in Git-based source control and workflow management, including common branching strategies and pipeline-integrated code review practices.
Deep hands-on AWS networking and security expertise in enterprise environments: VPC architecture, routing, NACLs, Security Groups, IAM, and services such as CloudTrail, Config, and Security Hub.
Ability to design scalable, compliant Security Group standards and controls; familiarity with policy-as-code and cloud security posture tools (e.g., Wiz or equivalent), with strong collaboration and communication/documentation skills.
Desired Skills/Knowledge:
AWS certifications preferred (e.g., AWS Certified Security – Specialty, AWS Certified Solutions Architect) and scripting experience (e.g., Python, JavaScript, or similar).
Experience delivering security controls in complex cloud migration initiatives, with solid understanding of network/security technologies (firewalls, proxies, WAFs, etc.).
Background in financial services or other regulated industries, with familiarity with cloud governance frameworks and relevant compliance standards.
Eligibility Criteria:
Bachelor’s degree with 8 years of relevant experience in cloud security and automation, including designing and implementing automated cloud infrastructure, security controls, and CI/CD-driven operational workflows, well-aligned for a Cloud Automation Engineer role.
Work Timings: 6:00 AM EST to 11:00 AM EST
This role qualifies for Enhanced Flexibility offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time – 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs)
We are proud to offer flexibility at Synchrony. Our way of working allows you the option to work from home or workspaces in our Regional Engagement Hubs—Hyderabad, Bengaluru, Pune, Kolkata, or Delhi/NCR.
Occasionally you may be required to commute or travel to Hyderabad or one of the Regional Engagement Hubs for in person engagement activities such as business or team meetings, trainings, and culture events
For Internal Applicants:
Understand the criteria or mandatory skills required for the role, before applying
Inform your manager and HRM before applying for any role on Workday
Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)
Must not be any corrective action plan (Formal/Final Formal)
L9+ Employees who have completed 18 months in the organization and 12 months in their current role and level are only eligible.
Employees at L9+ can only apply for this opportunity.
Grade/Level : 11
Job Family Group:
Information Technology