Cloud Security Engineering & DevSecOps Lead

About The Position

Requirements

• 10+ years of experience in information security, with at least 5 years focusing on cloud security.
• Strong understanding of cloud security principles, architecture patterns, and security controls across major cloud platforms. (e.g., AWS, Azure, GCP).
• Experience conducting security assessments, gap analysis, and risk evaluations for cloud environments and services, with the ability to translate findings into actionable remediation plans.
• Demonstrated ability to design practical security solutions and implementation guidance to address cloud security risks, working collaboratively with engineering and platform teams.
• Experience developing or contributing to cloud security reference architectures, standards, or secure solution patterns aligned with organizational requirements.
• Familiarity with cloud security tooling and posture management platforms (e.g., CNAPP) and understanding of common cloud misconfiguration risks.
• Knowledge of compliance standards and benchmarks: SOC2, ISO 27001, CSA CCM, NIST CSF, PCI DSS, CIS benchmarks.
• Strong communication and leadership skills, with the ability to collaborate effectively with diverse teams.

Nice To Haves

• CCSP - Certified Cloud Security Professional.
• CISSP - Certified Information Systems Security Professional.
• AWS Certified Solutions Architect Associate / Professional.
• AWS Certified Security Specialty.
• AWS Certified DevOps Engineer.
• Microsoft Security Architect.
• Microsoft Security Engineer Associate.

Responsibilities

• Assess the security posture of cloud environments and services across multi-cloud platforms to identify risks, controls gaps, and improvement opportunities.
• Lead cloud security gap assessment for cloud service capabilities, providing actionable recommendations to strengthen the security posture.
• Develop and maintain cloud security reference architectures, secure solution patterns, and implementation guidance aligned with organizational security requirements.
• Design practical security solutions to address identified risks and partner with engineering and platform teams to drive the implementation of solutions across the cloud estate.
• Analyze cloud environments for misconfigurations and control deficiencies, and partner with stakeholders to prioritize and drive remediation efforts.
• Respond to and support investigation of cloud security incidents, including root-cause analysis and remediation.
• Interpret internal security policies, regulatory requirements, and industry standards and translate them into technical controls and implementation guidance.
• Provide technical leadership and advisory support on cloud security best practices, including identity and access management, network security, encryption, logging, monitoring, and data protection.
• Collaborate with engineering, platform and enterprise architecture teams to operationalize security requirements and improve consistency of controls across the cloud estate.
• Conduct security reviews of emerging technologies and new cloud services to evaluate risks and recommend secure adoption approaches.
• Drive enterprise cloud security initiatives and support security rollouts across the organization.
• Stay current on emerging cloud security threats, platform features, and defensive techniques.
• Be a champion and advocate of cybersecurity within the company.

Benefits

• A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities.
• A broad range of professional education and personal development possibilities – FIS is your final career step!
• A competitive salary and benefits.
• A variety of career development tools, resources and opportunities.
• The chance to work on some of the most challenging, relevant issues in financial services & technology.