VP-Privileged Access Management (PAM) Engineer (L12)Engineer (L12)

Job Title: VP-Privileged Access Management (PAM) Engineer (L12)

Company Overview:
• Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.
• We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies.
• We provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being.
• We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles.

Organizational Overview:

This Privileged Access Management team will partner with credential owners and application teams to transition statically managed credentials to dynamically managed credentials, improving security posture and operational consistency.

Role Summary/Purpose:- We are seeking a highly skilled PAM Engineer with proven experience in Delinea Secret Server, Server Suite, and Delinea Just Enough Privilege (JEP) to manage, support, and enhance our privileged access management environment. This role includes daily operational ownership of the Delinea platform—performing health checks, remediating system and credential management failures, and ensuring reliable credential rotation and vault operations. The PAM Engineer will partner with credential owners and application teams to transition statically managed credentials to dynamically managed credentials, improving security posture and operational consistency.

In addition, this role requires strong leadership characteristics—the ability to lead and support a team through clear direction, collaboration, mentoring, and operational rigor—while also remaining hands-on and capable of performing the core engineering tasks. The ideal candidate will support integrations, troubleshoot issues, collaborate across teams, and participate in an on-call rotation to maintain compliant and resilient PAM services.

Key Responsibilities

• Administer and maintain Delinea Secret Server, Server Suite, platform components, and Delinea Just Enough Privilege (JEP) to ensure stable and compliant operations.

• Perform daily health checks of the Delinea environment, validate job/rotation status, and ensure service availability and performance.

• Remediate platform issues and credential management failures (e.g., rotation/check-out failures), perform root cause analysis, and implement corrective actions.

• Partner with credential owners and application teams to convert statically managed credentials into dynamically managed (vaulted and rotated) credentials.

• Integrate IT systems, applications, and network devices with the PAM vault, including databases, ServiceNow, and other enterprise platforms.

• Support the full lifecycle of privileged credentials, including onboarding, vaulting, rotation, access policies, and audit support.

• Leverage out-of-the-box Delinea integrations and customize configurations when required to meet business needs.

• Collaborate with security, network, infrastructure, and application teams to ensure secure connectivity, compliance, and successful onboarding.

• Provide on-call support to respond to incidents, outages, and urgent credential access/rotation issues.

• Apply patches and upgrades, monitor logs and system health, and optimize platform performance and reliability.

• Document configurations, integrations, operational procedures, and incident/root cause findings.

Leadership & Team Support Responsibilities (Added)

• Lead by example as a hands-on engineer, actively performing PAM engineering tasks while setting standards for quality, security, and operational excellence.

• Provide day-to-day guidance and support to team members (prioritization, troubleshooting assistance, technical direction), ensuring timely resolution of platform and credential issues.

• Mentor and upskill peers on Delinea capabilities, integrations, troubleshooting practices, and credential lifecycle management.

• Coordinate work across stakeholders (security, infrastructure, network, application teams) to drive onboarding and remediation efforts to completion.

• Promote operational discipline, including runbooks, repeatable processes, incident response consistency, and continuous improvement through lessons learned/root cause reviews.

• Communicate effectively during incidents and escalations, helping drive clarity, accountability, and rapid restoration of service.

Qualifications & Requirements :

• Bachelor's degree with Minimum 12+ Years of cybersecurity, 10+ Years in PAM & 5 years Delinea and in lieu of a degree 14+ years of relevant experience.

• Proven experience with Secret Server, Server Suite, Just Enough Privilege (JEP), and related PAM capabilities.

• Demonstrated experience performing operational support, including health checks, incident response, and remediation of credential rotation failures.

• Hands-on experience integrating systems such as databases, ServiceNow, and network devices with PAM vault solutions.

• Strong understanding of privileged credential lifecycle management, rotation concepts, and security best practices.

• Experience working with credential owners/application teams to migrate from static credentials to managed/rotating credentials.

• Familiarity with Delinea out-of-the-box integrations and customization/configuration options.

Experience with most or all of the following:

• Python (useful for cross-platform automation or CI/CD pipelines)

• SQL basics (reporting/queries if you interface with Secret Server DB via approved methods—often API is preferred)

• CI/CD automation (Azure DevOps/Jenkins/GitHub Actions): storing scripts, approvals, secrets-handling patterns

• Windows & AD basics (service accounts, gMSA, LDAP concepts)

• Linux shell (Bash) if managing Unix credentials/endpoints

•  PowerShell (preferred/primary): Build and maintain automation for Delinea/Secret Server use cases, including REST API integration, JSON/data handling, modular scripting, logging, and robust error handling.

• Python: Cross-platform scripting and automation, including integration with CI/CD pipelines.

• SQL (basic to intermediate): Support reporting and data analysis needs; familiarity with querying for operational/audit insights (API-first approach when applicable).

• CI/CD Automation: Experience using Azure DevOps, Jenkins, or GitHub Actions to version, test, and deploy scripts with appropriate approvals and secure secret-handling practices.

• Windows & Active Directory: Working knowledge of service accounts, gMSA, LDAP concepts, and permission/identity management fundamentals.

• Linux/Bash: Ability to automate administrative tasks on Linux systems (SSH, sudo, cron, file permissions).

Desired Characteristics:

• Willingness and availability to participate in an on-call rotation for after-hours support.

• Strong troubleshooting, problem-solving, and communication skills; able to work effectively across teams and stakeholders.

• Demonstrated leadership characteristics: ability to lead and support a team through mentoring, coordination, clear communication, and ownership—while remaining hands-on and able to execute core engineering responsibilities.

Eligibility criteria :

Bachelor's degree with Minimum 12+ Years of cybersecurity, 10+ Years in PAM & 5 years Delinea and in lieu of a degree 14+ years of relevant experience.

Work Timing: 5AM to 2PM EST

This role qualifies for Enhanced Flexibility offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time – 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs)
We are proud to offer flexibility at Synchrony. Our way of working allows you the option to work from home or workspaces in our Regional Engagement Hubs—Hyderabad, Bengaluru, Pune, Kolkata, or Delhi/NCR.
As directed by the management, you will be required to commute or travel to Hyderabad or one of the Regional Engagement Hubs for in-person engagement activities such as business/ team meetings, trainings, and events

​For Internal Applicants:

• Understand the criteria or mandatory skills required for the role, before applying

• Inform your manager and HRM before applying for any role on Workday.

• Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)

• Must not be any corrective action plan (First Formal/Final Formal, LPP)

• L10+ Employees who have completed 18 months in the organization and 12 months in their current role and level are only eligible.

• L10+ Employees can apply.

Grade/Level: 12