Cloud Security Engineering & DevSecOps Lead

About The Position

Requirements

• 10+ years of experience in information security, with at least 5 years focusing on cloud security.
• Deep understanding of cloud security services, automation patterns, and secure-by-default design principles across multi-cloud environments.
• Strong proficiency in Infrastructure-as-Code and automation tools such as Terraform, CloudFormation, Azure Bicep and Ansible.
• Hands-on experience integrating security controls into CI/CD pipelines using platforms such as Github Actions, Jenkins, Gitlab or similar tooling.
• Proficiency with version control systems such as Github, Gitlab, Bitbucket or similar systems, including branching strategies, pull request workflows, and collaborative development practices.
• Experience implementing and managing policy-as-code and preventative guardrails using cloud-native or third-party frameworks (e.g., AWS SCPs, Azure Policy, and OPA).
• Knowledge across multiple security domains, including DevSecOps, Cloud infrastructure security, container security, identity and access management, vulnerability management and threat detection.
• Experience with managing cloud security platforms and tooling (e.g., CNAPP), and operationalizing security controls at scale.
• Knowledge of compliance standards and benchmarks: SOC2, ISO 27001, CSA CCM, NIST CSF, PCI DSS, CIS benchmarks.
• Strong communication and leadership skills, with the ability to collaborate effectively with diverse teams.

Nice To Haves

• CCSP - Certified Cloud Security Professional.
• CISSP - Certified Information Systems Security Professional.
• AWS Certified Solutions Architect Associate / Professional.
• AWS Certified Security Specialty.
• AWS Certified DevOps Engineer.
• Microsoft Security Architect.
• Microsoft Security Engineer Associate.

Responsibilities

• Design, build, and maintain infrastructure-as-code (IaC) templates and reusable automation frameworks with embedded security guardrails across multi-cloud environments.
• Develop and enforce policy-as-code controls using cloud-native capabilities (e.g., AWS SCPs, Azure Policy, Open Policy Agent) to prevent misconfigurations and reduce risk at scale.
• Automate provisioning, configuration, and validation of cloud security controls and services, ensuring secure-by-default deployments.
• Integrate security controls and validation checks into CI/CD pipelines and developer workflows to enable shift-left security practices.
• Administer, integrate, and optimize cloud security platforms and tooling (e.g., CSPM, Container Security), including policy tuning, onboarding automation, and operational improvements.
• Monitor cloud environments for security posture risks, misconfigurations, and anomalous activity, and build automated detection and remediation capabilities where appropriate.
• Collaborate with engineering, platform and security teams to operationalize security architecture requirements and implement scalable remediation solutions.
• Support security investigations by providing cloud telemetry, automation, and technical expertise as needed.
• Provide technical leadership and guidance on cloud security best practices, automation patterns, and DevSecOps adoption across the organization.
• Contribute to enterprise security initiatives by standardizing controls, improving automation maturity, and driving continuous improvement of cloud security capabilities.
• Stay current on emerging cloud technologies, security threats, and defensive techniques to continuously enhance the organization’s security posture.
• Be a champion and advocate of cybersecurity within the company.

Benefits

• A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities.
• A broad range of professional education and personal development possibilities – FIS is your final career step!
• A competitive salary and benefits.
• A variety of career development tools, resources and opportunities.
• The chance to work on some of the most challenging, relevant issues in financial services & technology.