Jobs · Information Technology · North Carolina

VP, Information Security Program Manager

Synchrony · Charlotte, NC · 4 days ago
Information TechnologyFull-time

About the role

Synchrony is more than a financial services company, we’re a team of passionate innovators committed to delivering best-in-class solutions that support millions of customers across the U.S. With a bold focus on technology, data, and digital innovation, we create meaningful experiences that simplify lives and enable financial wellness.

Job Description

Job ID: 2602037
Category: Technology
Date posted: 07/08/2026

Role Summary/Purpose

Help Synchrony build one of the most resilient information security programs in financial services. As the Program Manager for Project Meridian, you will be the operational engine behind a high-priority, enterprise-wide security program — turning strategy into disciplined, on-time delivery across many concurrent workstreams.

Essential Responsibilities

  • Run Project Meridian day-to-day — orchestrate execution across all workstreams, keeping milestones, deliverables, and dependencies tracked, sequenced, and on course.
  • Make delivery teams more effective: proactively remove impediments, broker realistic commitments built from team capacity and change calendars, and minimize coordination overhead so teams report status once. Success is measured by blocker resolution and reduced delivery friction — not status decks alone.
  • Establish and run the program operating model — decision rights (RACI) across workstream owners and partner teams, a defined escalation ladder with target resolution times, and a single source of truth for status.
  • Build and maintain the integrated roadmap, milestone plan, and RAID log (risks, actions, issues, decisions/dependencies), with a consistent, right-sized reporting cadence (async-first; every recurring meeting justified).
  • Manage a dedicated team of specialist consultants — define scope, deliverables, and timelines; own SOWs in partnership with Sourcing/Vendor Management; hold partners accountable to quality, schedule, and budget; and ensure the consultant layer reduces, not adds, load on delivery teams.
  • Facilitate prioritization of shared consultant capacity across workstreams; reallocating capacity already committed to a workstream requires that owner’s concurrence, with unresolved contention escalated to the CISO.
  • Aggregate, track, and report KPIs and program metrics — defined together with workstream owners — providing timely, accurate reporting on progress, risk, cost, and escalations to the CISO and senior leadership.
  • Protect the integrity and audit-readiness of the program record: status reflects validated reality, and no milestone is reported complete without owner-validated supporting evidence.
  • Develop and execute a proactive communication strategy for Information Security leadership, cross-functional stakeholders, and the Executive Leadership Team.
  • Cook up and deliver program reporting and briefings for executive leadership and, in partnership with the CISO, for Federal Regulators and the Board of Directors — presenting program status, milestones, and delivery outcomes. (Characterization of security risk posture and any risk-acceptance decisions remain with the CISO and accountable workstream owners.)
  • Plan and orchestrate key program events and exercises (e.g., tabletop exercises) — ensuring readiness, participation, and disciplined follow-through on action items.

Qualifications/Requirements

  • Bachelor’s degree in a related discipline and 8+ years of program/project management experience; in lieu of a degree, 12+ years of relevant program/project management experience.
  • Proven track record managing large, complex, cross-functional programs with multiple concurrent workstreams and enterprise scope.
  • Experience delivering in financial services, banking, or another highly regulated industry — including familiarity with control and risk frameworks, audit evidence, and regulatory expectations.
  • Working knowledge of technology delivery — change management and CAB processes, release cycles, maintenance/freeze windows, and the operational cost and risk of remediation/patching work — sufficient to set realistic, capacity-informed timelines and translate between security objectives and engineering reality.
  • Working knowledge of core information security processes — vulnerability remediation SLAs, compensating controls, and the security exception / risk-acceptance process — sufficient to coordinate credibly without making risk determinations.
  • Experience with Agile and Scaled Agile (SAFe) delivery and the tools delivery teams use day-to-day (e.g., Jira / Azure DevOps).
  • Excellent written and verbal communication, including executive-level reporting and presentation.
  • Demonstrated ability to manage conflict, build consensus, and influence across senior stakeholders.
  • Exceptional organization and prioritization, with the ability to keep a high volume of concurrent, complex work on track.
  • Experience managing external consultants/vendors and the associated SOWs and deliverables.
  • Comfort operating amid complexity and ambiguity; able to help teams set direction and resolve competing priorities.
  • Ability and flexibility to travel for business as required.

Desired Characteristics

  • Information security experience is beneficial but not a requirement.
  • Experience supporting regulatory or Board-level reporting in a financial services environment.
  • Experience standing up or running a program/PMO operating model (RACI, governance, reporting cadence) from the ground up.
  • Proficiency with program and portfolio tooling and executive reporting (e.g., Microsoft Project, Planner, SharePoint).

Our Way of Working

We’re proud to offer you flexibility. At Synchrony, our way of working allows you to have the option to work from home near one of our Hubs or come into one of our offices. You will be required to commute to your nearest Hub (either virtual or physical) for in-person engagement activities such as regular business or team meetings, training and culture events.

Eligibility Requirements

  • You must be 18 years or older.
  • You must have a high school diploma or equivalent.
  • You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process.
  • You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
  • New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).

Legal authorization to work in the U.S.

Reasonable Accommodation Notice: Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.

Similar jobs