Synchrony Financial

VP, CoreTech PCI Governance, Risk and Compliance (L12)

Hyderabad IN Full time

Job Description:

Role Title: VP, CoreTech PCI Governance, Risk and Compliance (L12)

Company Overview:

Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.

  • We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies.

  • We offer Flexibility for all employees and provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being.

  • We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles.

Organizational Overview:
The VP CoreTech Governance lead function is part of the CoreTech Governance and Risk organization and operates as a First Line of Defense (1LOD) function. It is responsible for ensuring CoreTech's enterprise-wide adherence to the Payment Card Industry Data Security Standard (PCI DSS) and related regulatory requirements. This group partners with technology, audit, compliance, and business stakeholders to identify, monitor, and remediate PCI-related risks across Synchrony’s global infrastructure.

Role Summary/Purpose:
The Vice President (VP), CoreTech Governance and Risk, will lead governance, risk, and compliance activities related to PCI requirements. The VP collaborates cross-functionally to ensure Synchrony maintains PCI compliance, mitigates risks, and provides clear, auditable documentation for internal and external stakeholders. This role is accountable for timely issue remediation, supporting audits and regulatory examinations, managing policy lifecycles, driving risk acceptance processes, and overseeing exceptions management.

Key Responsibilities:

  • PCI Exam Execution: Responsible for preparing, coordinating, and executing PCI compliance examinations for the CoreTech organization by gathering evidence and ensuring documentation aligns with PCI DSS requirements. Partners across Technology to remediate gaps, respond to assessor requests, and support ongoing compliance reporting and continuous improvement.

  • Issue Management: Ensure timely identification, tracking, remediation, and closure of issues by collaborating with Technology teams, Issue Management, Second Line of Defense (2LOD), and Internal Audit.

  • Audit and Examination Support: Coordinate internal meetings, evidence collection, preparation, and responses to auditors, regulators, and Internal Audit teams.

  • Risk Acceptance Oversight: Lead risk acceptance activities by managing documentation, obtaining approvals, and ensuring alignment with company policies.

  • Policy Lifecycle Management: Manage the development, review, approval, and publication of PCI-related policies, standards, and procedures.

  • Exception Management: Oversee the intake, validation, documentation, and approval of exception requests, ensuring compliance with governance requirements.

  • Metrics and Reporting: Provide regular status updates and metrics on issue remediation, risk acceptance activities, exceptions, and audit readiness to senior leadership and stakeholders.

Required Skills/Knowledge:

  • Bachelor's degree with 10+ years of 1st Line of Defense experience or, in lieu of a degree, 12+ years of experience required.

  • Experience with PCI DSS audits in a financial institution.

  • Strong knowledge of Payment Card Industry Data Security Standard (PCI DSS) requirements and controls.

  • Experience managing governance, risk, and compliance programs in a regulated environment.

  • Ability to discuss risks and mitigations with Senior Leadership.

  • Proven project management and coordination skills.

  • Excellent verbal and written communication skills.

  • Ability to collaborate effectively with cross-functional teams including technology, audit, and risk.

  • Detail-oriented with strong organizational and analytical abilities.

Desired Skills/Knowledge:

  • Prior experience supporting audits related to PCI compliance.

  • Experience with risk management or issues management.

  • Understanding of risk acceptance frameworks and process automation tools.

  • Familiarity with enterprise policy management systems.

  • Experience working in financial services or consumer finance industries.

Eligibility Criteria:

Bachelor's degree with 10+ years of 1st Line of Defense experience or, in lieu of a degree, 12+ years of experience required.

Work Timings: 8AM - 5PM EST

This role qualifies for Enhanced Flexibility offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time – 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs.

We are proud to offer flexibility at Synchrony. Our way of working allows you the option to work from home or workspaces in our Regional Engagement Hubs—Hyderabad, Bengaluru, Pune, Kolkata, or Delhi/NCR.

Occasionally you may be required to commute or travel to Hyderabad or one of the Regional Engagement Hubs for in person engagement activities such as business or team meetings, trainings, and culture events.

For Internal Applicants:

  • Understand the criteria or mandatory skills required for the role, before applying

  • Inform your manager and HRM before applying for any role on Workday

  • Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)

  • Must not be on any corrective action plan (First Formal/Final Formal, LPP)

  • Only L10+ Employees who have completed 18 months in the organization and 12 months in current role and level are eligible.

  • L10+ Employees can apply

Grade/Level: 12

Job Family Group:

Information Technology