VP, Operational Risk Oversight - Technology

Synchrony•Orlando, FL

3d•Hybrid

About The Position

This role owns the independent Operational Risk Management oversight of Synchrony’s Technology processes across the end-to-end systems development lifecycle (SDLC), including requirements and design, development, testing, implementation, and ongoing maintenance. The role focuses on assessing people, process, and technology risks related to application delivery and change, including secure development, DevOps practices, cloud implementations, third‑party/enterprise platforms, and Generic AI solutions. This includes providing risk-informed challenge and credible oversight to ensure technology solutions for clients and employees are delivered in a controlled, compliant, and resilient manner. We’re proud to offer you flexibility. At Synchrony, our way of working allows you to have the option to work from home near one of our Hubs or come into one of our offices. Occasionally you will be required to commute or travel for in person engagement activities such as business or team meetings, training and culture events. Field Sales and some Commercial team roles may have varied location requirements based upon partner obligations or preferences.

Requirements

Bachelor’s degree and at least 6+ years experience in Financial Services, or in lieu of degree, 10+ years experience in Financial Services
Experience leading cross functional processes
Experience with large-scale technology and business projects
Knowledge of Information Technology and application development lifecycle
Understanding of Cloud systems, including development and security, particularly in the AWS environment.
Understanding of emerging technologies requirements, such as Generative AI development requirements
Ability and flexibility to travel for business as required

Nice To Haves

Strong leadership skills
Self-starter
Effective communications, problem solving & presentation skills
Risk Management exposure
Demonstrated project management experience
Prior IT PMO, SDLC Governance, or Technology Risk Oversight experience
Working knowledge of secure development practices, change/release governance, testing disciplines, and/or DevOps controls
Familiarity with cloud delivery and implementation risk considerations
Ability to manage multiple projects simultaneously and deliver on demanding deadlines with minimal supervision
Master’s / MBA degree
Strong PC proficiency (Microsoft Suite, including: Word, Excel and PowerPoint)
Experience with or awareness of Agile methodology (helpful but not a primary emphasis)
Risk, IT Audit or security professional certifications

Responsibilities

Accountable for overall Operational Risk oversight of Synchrony’s technology delivery and change processes across the SDLC, including governance, controls, and execution practices from intake through release and post‑implementation monitoring.
Provide risk expertise to support the design and integration of Risk Management practices into technology delivery methodologies, including establishing and reinforcing appropriate governance and control expectations.
Monitor the prioritization and funding of technology initiatives, including participation in key business forums.
Develop and apply risk-based prioritization criteria to identify and engage with significant technology initiatives requiring independent oversight (e.g., strategic programs, acquisition integrations, platform modernizations, and large-scale business projects).
Evaluate the effectiveness and efficiency of the company’s software delivery practices and control environment, including: Requirements management and solution design governance Secure SDLC and vulnerability remediation practices DevOps controls, release governance, and environment management Quality Assurance and test strategy (unit, integration, performance, UAT) Change Management and production implementation controls Operational readiness, resiliency, and post‑implementation validation
Provide oversight and credible challenge for cloud and emerging technology implementations, including risk considerations for architecture, data protection, identity/access controls, vendor dependencies, and resiliency.
Oversee risk considerations for Generic AI solutions used in technology delivery or embedded in products, partnering with stakeholders to evaluate governance, model/solution controls (as applicable), data usage, and implementation risk.
Engage with Senior Leadership to understand IT strategy, roadmaps, and delivery patterns to align independent oversight priorities; translate project objectives, deliverables, and risks for broader leadership audiences.
Leverage analytics and data to drive efficient risk-based oversight, identify trends/themes, and target deep dives where risk is elevated.
Work closely with other Risk disciplines, including Compliance & Risk Testing, to ensure coordinated oversight, reduce duplication, and strengthen end-to-end coverage of technology risks.
Lead and publish formal risk reviews of IT processes and technology solutions, including clear observations, severity, and remediation expectations.
Develop reporting and executive-ready overviews of priorities, thematic observations, and emerging risks to maximize visibility and engagement with Business and Risk leaders.
Periodically report review and oversight activities and assessment results to the Technology Risk Subcommittee.
Engage in regulatory and audit exams and periodic updates to represent risk perspectives and priorities related to SDLC, application delivery, secure development, cloud, and emerging technology implementations.
Evaluate privacy related concerns in system development and implementation.
Perform other duties and/or special projects as assigned.