AVP, Product Security Architect
Not Disclosed•Full-TimeOn-site
location_on200 West Jackson, 200, West Jackson Boulevard, Financial District, Loop, Chicago, South Chicago Township, Cook County, Illinois, 60606, United States
About the Team
Synchrony is a leading financial services company dedicated to providing innovative solutions that empower our customers. Our platform group operates at the intersection of finance and technology, managing a vast ecosystem of applications and SaaS services that serve millions of users. We are committed to building a future where security is not an afterthought but a foundational element of our product strategy.
About the Role
As an AVP, Product Security Architect, you will provide enterprise-level leadership across Synchrony's application and SaaS ecosystem. Operating at the L11 scope, your mission is to set direction, define standards, and drive adoption at scale. You will partner closely with product and engineering leaders to embed security into the very fabric of product strategy and modern software delivery.
In this role, you will lead the definition of an Application Security Blueprint, establishing reference architectures, approved patterns, and engineering guardrails. Your work will enable teams to design and deliver software that is secure-by-design, resilient, and compliant. You will serve as a strategic partner to leadership, influencing roadmaps to ensure security is built-in rather than bolted-on, allowing delivery teams to move quickly with well-defined "paved roads." Beyond governance, you will act as a coach and multiplier, mentoring engineers and architects to elevate secure design skills across the organization.
Hiring Process
Candidates selected for this role will engage in a structured interview process designed to assess both technical depth and strategic influence. The process typically includes:
- Initial Screening: A conversation with a recruiter to discuss background and role alignment.
- Technical Deep-Dive: A detailed discussion on architecture, threat modeling, and security patterns.
- System Design & Strategy: A session focused on designing secure architectures and influencing cross-team adoption.
- Team Fit: Interviews with key stakeholders to ensure cultural alignment and collaboration style.
- Offer: Final discussion regarding compensation and start date.
Equal Opportunity & Culture
Synchrony is committed to building an inclusive culture where individual skills, experience, and voices are not only heard but valued. Together, we are building a future where everyone can belong, connect, and turn ideals into action. More than 50% of our workforce is engaged in our Employee Resource Groups (ERGs), where community and passion intersect to offer a safe space to learn and grow.
We are proud to have an award-winning culture. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status. We ensure that all qualified applicants receive consideration for employment regardless of their background.
Reasonable Accommodation
Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. If you require a reasonable accommodation to apply for a job or to perform your job, please contact our Career Support Line at 1-866-301-5627 (8am – 5pm Monday to Friday, Central Standard Time). Examples of reasonable accommodation include making changes to the application process, providing documents in an alternate format, or using specialized equipment.
Work location
Work model: On-site
200 West Jackson, 200, West Jackson Boulevard, Financial District, Loop, Chicago, South Chicago Township, Cook County, Illinois, 60606, United States
Chicago, Illinois
Key Responsibilities
- check_circleSet product security architecture direction for assigned portfolios
- check_circleOwn and evolve the Application Security Blueprint and standards
- check_circleLead architecture governance including design reviews and remediation
- check_circleDrive threat modeling at scale for high-risk initiatives
- check_circleDefine and standardize API security architectures and patterns
- check_circleEstablish service-to-service security controls for distributed systems
- check_circleEnable secure SDLC and platform controls with engineering teams
- check_circleTrack measurable outcomes and provide executive-level reporting
- check_circleMentor engineers and architects to elevate secure design skills
Requirements
- verified7+ years in security architecture/engineering
- verifiedHigh school diploma or equivalent
- verifiedLegal authorization to work in the U.S.
- verifiedCISSP, CCSP, or CSSLP certification (preferred)
- verifiedAbility to travel for business
- verifiedMust be 18 years or older
Nice to Have
CISSP, CCSP, or CSSLP certifications; familiarity with threat modeling tooling, API gateways, policy enforcement, identity and federation (SSO, SAML, OIDC), application security testing (SAST/DAST/SCA/secret scanning), CI/CD tooling (e.g., GitHub/Jenkins), vulnerability management platforms, logging/monitoring, service mesh/mTLS patterns, and secrets management solutions.