VP, Information Security Architect - Lead (L12)

About the position The Security Architecture team designs and maintains a best of breed security framework to protect Synchrony’s digital assets and systems. By setting and enforcing security standards and best practices, the team ensures technology solutions are secure, resilient, and compliant. You will be a part of a highly talented team and will make impactful contributions to Synchrony's Information Security organization and business lines. We are seeking a Lead Security Architect to serve as a core subject matter expert within the Security Architecture team, driving Zero Trust networking principles across on-prem, hybrid, and cloud environments. This role will partner extensively with stakeholders and SMEs across platform, infrastructure, network, and application teams to define, design, and implement secure connectivity patterns and policy-as-design standards that enable scalable, compliant delivery. You will play a hands-on architecture role in shaping segmentation, perimeter and internal controls, and cloud network security guardrails—while mentoring junior team members deliver effectively through clear standards, reference architectures, and practical implementation guidance.

Responsibilities

• Lead, mentor Security Architecture team members to enable high-quality deliverables that ensure Synchrony business is secure
• Own and drive Zero Trust network architecture across the enterprise, including segmentation, least privilege access, and policy enforcement across users, workloads, and services.
• Partner with application, platform, and infrastructure teams to gather and analyze network/security requirements (connectivity, ports/protocols, data flows, trust boundaries).
• Translate business and application needs into actionable network security architectures, including firewall policies, segmentation models, and cloud-native controls.
• Conducts reviews, workshops, and design sessions with the partners at Synchrony to drive secure network architecture and adoption
• Design and validate secure network patterns for AWS and/or Azure, including VPC/VNet architecture, subnets, routing, TGW/peering, and ingress/egress strategies.
• Define and standardize security controls using a combination of cloud-native mechanisms (e.g., Security Groups/NSGs, NACLs, route controls) and enterprise platforms (e.g., Palo Alto, Prisma).
• Collaborate closely with perimeter defense / security operations to streamline firewall rule discovery, risk review, approvals, and deployment, including process improvement and automation opportunities.
• Produce and maintain architecture documentation (standards, reference designs, decision records, patterns) including guidance on when to use Palo Alto vs cloud-native controls.
• Guide implementation teams through design reviews, threat modeling, and exception handling to ensure secure-by-design outcomes.
• Support troubleshooting and optimization of network security configurations across on-prem and cloud environments, including performance and resiliency considerations.
• Contribute to strategic initiatives such as SASE/SD-WAN adoption, micro-segmentation, and cloud security posture improvements.

Requirements

• Bachelor's degree with 8+ years of experience in network security architecture/engineering, including on-prem and hybrid environments or in lieu of a degree 10+ years of experience required.
• Past record of having technically led and mentored junior team members.
• Strong working knowledge of cloud networking and security in AWS and/or Azure, including VPC/VNet, subnets, routing, gateways, and connectivity patterns.
• Deep expertise in network security controls and layered defense: firewalls, network segmentation, VPN/connectivity, ingress/egress controls, and secure routing.
• Proven ability to translate application connectivity needs into effective firewall rule sets, segmentation policies, and cloud network security designs.
• Experience partnering with cross-functional teams (application, infrastructure, platform) in Agile/DevSecOps environments.
• Strong communication skills—able to document, present, and drive alignment on complex technical architecture decisions.
• Ability to work independently, influence stakeholders, and deliver results in a fast-paced environment.

Nice-to-haves

• Strong, Proven Security Architect - Certifications (preferred): CISSP, CCSP, CCNP/CCIE, and/or AWS/Azure security/architecture certifications.
• Champion security practices and secure architecture standards.
• Experience in financial services or other highly regulated environments.
• Experience with firewall policy management at scale and automation/orchestration tooling.

Apply tot his job Apply To this Job