Senior IAM Controls Analyst (L09)

Job Description:

Role Title: Senior IAM Controls Analyst (L09)

Company Overview:

Synchrony (NYSE: SYF) is a premier consumer financial services company delivering one of the industry’s most complete digitally enabled product suites. Our experience, expertise and scale encompass a broad spectrum of industries including digital, health and wellness, retail, telecommunications, home, auto, outdoors, pet and more.

• We have recently been ranked #2 among India’s Best Companies to Work for by Great Place to Work. We were among the Top 50 India’s Best Workplaces in Building a Culture of Innovation by All by GPTW and Top 25 among Best Workplaces in BFSI by GPTW. We have also been recognized by AmbitionBox Employee Choice Awards among the Top 20 Mid-Sized Companies, ranked #3 among Top Rated Companies for Women, and Top-Rated Financial Services Companies.

• We offer Flexibility and Choice for all employees and provide best-in-class employee benefits and programs that cater to work-life integration and overall well-being.

• We provide career advancement and upskilling opportunities, focusing on Advancing Diverse Talent to take up leadership roles.

Organizational Overview:

The IAM Control Governance and Compliance team provides oversight and compliance to IAM standards through monitoring, controls, and gap remediation. The Senior IAM Controls Analyst will be a key subject matter expert to drive development and implementation of the IAM controls strategy, ensuring appropriate checks/controls are implemented as related to IAM standards and processes, and assisting in the opening and closing of identified non-compliance remediation activities.

Role Summary/Purpose:

The Senior IAM Controls Analyst is responsible for supporting the IAM Control Lead in the development and implementation of the IAM controls strategy and ensuring appropriate checks/controls are implemented as related to IAM standards and processes. This will involve creating, defining and implementing control monitoring strategies; promoting continuous improvement; and ensure adherence to regulatory compliance laws. The ideal candidate will be highly motivated and have a passion for technology, customers, excellence, risk identification and results. The candidate must be comfortable engaging with all levels of the organization with strong communication and business influence skills.

Key Responsibilities:

• Assist in the development and refinement of IAM standards, procedures, and job aids.

• Monitor, assess, and enforce IAM controls in alignment with corporate security policies and regulatory standards.

• Conduct periodic reviews of IAM controls and exceptions to ensure ongoing compliance and identify opportunities for process improvements.

• Review, analyze, and process policy exceptions related to IAM, ensuring they are justified, documented, and approved according to defined protocols.

• Driving exception performance metrics/measurements. Present metrics and results to IAM Management team. Analyze and summarize concerns/gaps and shares plans for remediation

• Responsible for process automation; Identification and implementation of automation opportunities within the IAM controls program.

• Responsible for Audit and Regulatory evidence documentation and the organization of document repository.

• Participate in projects and initiatives in support of regulatory, audit and governance.

• Candidate will be working with tools such as Jira, eGRC, Keylight, ServiceNow and SharePoint

Required Skills/Knowledge:

• Bachelor’s degree and a minimum of 2 years of either Technology or Information Security experience, OR in lieu of a degree, 4+ years of either Technology or Information Security experience.

• Minimum 1-3 years working in risk management, controls assurance, or internal audit

• Understanding of Identity Access Management fundamental concepts

• Basic understanding of how to interpret and execute Policies, Standards and Procedures, IT Controls, and Risk Management

• Basic understanding of Control Documentation and Regulatory evidence collection

• The ability to understand technology changes and ask probing questions regarding preparedness, change testing, risk, and impact factors

• Must have proven analytical and problem-solving skills

• Excel expertise including advanced skills (v-lookup, pivot tables, and macro/formula development)

• Must be detailed oriented

• Strong oral and written communication skills

• Strong strategic thinking skills

• Experience with working with remote teams

• For internal candidates minimum 18 months in SYF and 12 months in the current role

• Not on active formal corrective or above

Desired Skills/Knowledge:

• Certification such as CISA, CISM, CISSP, or equivalent.

• Basic knowledge of Jira, eGRC, Keylight, and CMDB, ServiceNow and SharePoint.

• Knowledge of industry frameworks (such as: COBIT, NIST, PCI)

• Coding/scripting skills preferred

• Strong negotiating skills

• Ability to work in a matrix organization

• Creative problem-solver/solution finder

• Ability to influence all levels

• Strong organizational skills

• Ability to handle and prioritize multiple priorities

Eligibility Criteria:

Bachelor’s degree and a minimum of 2 years of either Technology or Information Security experience, OR in lieu of a degree, 4+ years of either Technology or Information Security experience.

Work Timings :

(This role qualifies for Enhanced Flexibility and Choice offered in Synchrony India and will require the incumbent to be available between 06:00 AM Eastern Time – 11:30 AM Eastern Time (timings are anchored to US Eastern hours and will adjust twice a year locally). This window is for meetings with India and US teams. The remaining hours will be flexible for the employee to choose. Exceptions may apply periodically due to business needs. Please discuss this with the hiring manager for more details.)

For Internal Applicants:

• Understand the criteria or mandatory skills required for the role, before applying

• Inform your manager and HRM before applying for any role on Workday.

• Ensure that your professional profile is updated (fields such as education, prior experience, other skills) and it is mandatory to upload your updated resume (Word or PDF format)

• Must not be any corrective action plan (First Formal/Final Formal, LPP)

• L4 to L7 Employees who have completed 12 months in the organization and 12 months in their current role and level are only eligible.

• L8+ Employees who have completed 18 months in the organization and 12 months in their current role and level are only eligible.

• L04+ Employees can apply.

Grade/Level: 09

Job Family Group: