Container Product Engineer II - EIS

JOB_POSTING-3-67267

Job Description

Role Summary/Purpose:

The Container Security Expert will be responsible for designing, implementing, and maintaining secure container environments across Synchrony Financial cloud and on-premises infrastructure. This role leads container vulnerability management and container supply chain security initiatives while ensuring robust security controls across our containerized environments to protect critical systems and data.

Our Way of Working

We’re proud to offer you choice and flexibility. At Synchrony, our way of working allows you to have the option to work from home, near one of our Hubs or come into one of our offices. Occasionally you may be required to commute to our nearest office for in person engagement activities such as business or team meetings, training and culture events.

Essential Responsibilities

Container Security Architecture & Operations

• Lead the security architecture and implementation of container platforms (Docker, Kubernetes) across Synchrony's development and production environments
• Help develop and enforce security policies, procedures, and best practices for container deployment and operations
• Monitor and respond to security incidents related to container infrastructure
• Track, monitor and improve reporting on container vulnerability management
• Engage with industry experts to establish baselines profiles for container image vulnerabilities
  
  

Vulnerability Management & Supply Chain Security

• Design and implement comprehensive container vulnerability management strategy
• Lead container image scanning and vulnerability assessment programs
• Establish and maintain secure software supply chain practices including:
• Implementation of Software Bill of Materials (SBOM) generation and validation
• Container base image security standards and maintenance
• Third-party container security validation
• Artifact signing and verification processes
• Create automated vulnerability detection and remediation workflows
• Develop container patching and update strategies
• Monitor and report on container security metrics and KPIs
• Implement Open Policy Agent and enforce strict admission control policies in container orchestration
• Implement VEX (Vulnerability Exploitability eXchange)
  
  

Security Controls & Compliance

• Implement automated security scanning and continuous monitoring for container images, registries, and runtime environments
• Ensure compliance with financial regulations (PCI DSS, SOX, GLBA) in containerized environments
• Conduct security assessments and penetration testing of containerized applications and infrastructure
• Collaborate with development teams to integrate security controls into CI/CD pipelines
• Provide guidance and training to development teams on secure container practices
• Perform other duties and/or special projects as assigned
  
  

Qualifications/Requirements

• 5 years of experience in IT security, with at least 3 years focused on container security
• Strong expertise in Docker, Kubernetes, and container orchestration platforms
• Deep understanding of container security tools and practices (image scanning, runtime security, network policies)
• Experience with vulnerability management systems and supply chain security tools
• Experience with cloud platforms (AWS, Azure, GCP) and their container services
• Knowledge of financial industry security requirements and compliance frameworks
• Proficiency in security automation and scripting (Python, Go, Shell)
  
  

Certifications (Preferred)

We value continuous learning and will support you in obtaining relevant certifications:

• Certified Kubernetes Security Specialist (CKS)
• Certified Kubernetes Administrator (CKA)
• AWS Certified Security - Specialty
• CISSP (Certified Information Systems Security Professional)
• CCSP (Certified Cloud Security Professional)
• CompTIA Security
• Container Security Certifications (Aqua, Prisma Cloud)
  
  

Technical Skills

• Container Technologies: Docker, Kubernetes, Podman
• Security Tools: Aqua Security, Twistlock, Falco, Open Policy Agent
• Vulnerability Management: Snyk, Trivy, Clair, Anchore
• Supply Chain Security: Sigstore, Notary, in-toto, SLSA Framework
• Cloud Platforms: AWS EKS, Azure AKS, Google GKE
• CI/CD Tools: Jenkins, GitLab, GitHub Actions
• Infrastructure as Code: Terraform, Ansible
• Network Security: NSX, Calico, Network Policies
• Monitoring: Prometheus, ELK Stack, Splunk
  
  

Personal Qualities

• Strong analytical and problem-solving abilities
• Excellent communication skills for technical and non-technical audiences
• Detail-oriented with a security-first mindset
• Ability to work effectively in fast-paced environments
• Strong project management and documentation skills
• Collaborative team player with leadership capabilities
  
  

Working Conditions

• Full-time position
• May require on-call rotation for security incidents
• Some travel may be required for training or conferences
• Hybrid work environment with some on-site presence required
  
  

Grade/Level: 09

The salary range for this position is 85,000.00 - 140,000.00 USD Annual and is eligible for an annual bonus based on individual and company performance.

Actual compensation offered within the posted salary range will be based upon work experience, skill level or knowledge.

Salaries are adjusted according to market in CA, NY Metro and Seattle.

Eligibility Requirements

• You must be 18 years or older
• You must have a high school diploma or equivalent
• You must be willing to take a drug test, submit to a background investigation and submit fingerprints as part of the onboarding process
• You must be able to satisfy the requirements of Section 19 of the Federal Deposit Insurance Act.
• New hires (Level 4-7) must have 9 months of continuous service with the company before they are eligible to post on other roles. Once this new hire time in position requirement is met, the associate will have a minimum 6 months’ time in position before they can post for future non-exempt roles. Employees, level 8 or greater, must have at least 18 months’ time in position before they can post. All internal employees must consistently meet performance expectations and have approval from your manager to post (or the approval of your manager and HR if you don’t meet the time in position or performance expectations).
  
  

Legal authorization to work in the U.S. is required. We will not sponsor individuals for employment visas, now or in the future, for this job opening. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status.

Our Commitment

When you join us, you’ll be part of a diverse, inclusive culture where your skills, experience, and voice are not only heard—but valued. We celebrate the differences in all of us and believe that our individual, unique perspectives is what makes Synchrony truly a great place to work. Together, we’re building a future where we can all belong, connect and turn ideals into action. Through the power of our 8 Diversity Networks , with more than 60% of our workforce engaged, you’ll find community to connect with an opportunity to go beyond your passions.

This starts when you choose to apply for a role at Synchrony. We ensure all qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or veteran status.

Reasonable Accommodation Notice

• Federal law requires employers to provide reasonable accommodation to qualified individuals with disabilities. Please tell us if you require a reasonable accommodation to apply for a job or to perform your job. Examples of reasonable accommodation include making a change to the application process or work procedures, providing documents in an alternate format, using a sign language interpreter, or using specialized equipment.
• If you need special accommodations, please call our Career Support Line so that we can discuss your specific situation. We can be reached at 1-866-301-5627. Representatives are available from 8am – 5pm Monday to Friday, Central Standard Time
  
  

Job Family Group

Information Technology