Cloud Security Engineering & DevSecOps Lead

<p style="text-align:left"><b> Position Type : </b></p>Full time<p style="text-align:left"><b> Type Of Hire : </b></p>Experienced (relevant combo of work and education)<p style="text-align:inherit"></p><p style="text-align:left"><b>Job Description</b></p><p></p><p><b>About FIS </b></p><p></p><p><span>Are you curious, motivated, and forward-thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.</span></p><p></p><p><b>About the role </b></p><p></p><p><span>We're seeking a Lead Cybersecurity Analyst, specializing in Cloud Security Engineering and DevSecOps to join our Cloud Security and Emerging Technologies team. This position is responsible for designing and implementing security automation, preventative guardrails, and developer-integrated controls that enable secure-by-default cloud adoption. </span></p><p></p><p><span>The ideal candidate will have strong hands-on experience securing cloud infrastructure and applications, partnering closely with engineering and development teams to embed security into cloud-native architectures while balancing risk, scalability, and business needs. This role requires a combination of technical skills, problem-solving aptitude, and cybersecurity expertise.</span></p><p></p><p><b><span>About the team</span></b></p><p></p><p><span>The Cloud Security and Emerging Technologies team is responsible for securing the organization's multi-cloud environments while enabling the safe adoption of new cloud capabilities and technologies. The team combines security assessments, secure solution design, and scalable security engineering to identify risks, define remediation strategies, and implement preventative controls and guardrails across the cloud estate.</span></p><p></p><p><b>What you will be doing </b></p><p></p><ul><li><p>Design, build, and maintain infrastructure-as-code (IaC) templates and reusable automation frameworks with embedded security guardrails across multi-cloud environments.</p></li><li><p>Develop and enforce policy-as-code controls using cloud-native capabilities (e.g., AWS SCPs, Azure Policy, Open Policy Agent) to prevent misconfigurations and reduce risk at scale.</p></li><li><p>Automate provisioning, configuration, and validation of cloud security controls and services, ensuring secure-by-default deployments.</p></li><li><p>Integrate security controls and validation checks into CI/CD pipelines and developer workflows to enable shift-left security practices.</p></li><li><p>Administer, integrate, and optimize cloud security platforms and tooling (e.g., CSPM, Container Security), including policy tuning, onboarding automation, and operational improvements.</p></li><li><p>Monitor cloud environments for security posture risks, misconfigurations, and anomalous activity, and build automated detection and remediation capabilities where appropriate.</p></li><li><p>Collaborate with engineering, platform and security teams to operationalize security architecture requirements and implement scalable remediation solutions.</p></li><li><p>Support security investigations by providing cloud telemetry, automation, and technical expertise as needed.</p></li><li><p>Provide technical leadership and guidance on cloud security best practices, automation patterns, and DevSecOps adoption across the organization.</p></li><li><p>Contribute to enterprise security initiatives by standardizing controls, improving automation maturity, and driving continuous improvement of cloud security capabilities.</p></li><li><p>Stay current on emerging cloud technologies, security threats, and defensive techniques to continuously enhance the organization’s security posture.</p></li><li><p>Be a champion and advocate of cybersecurity within the company.</p></li></ul><p></p><p><b>What you bring </b></p><p></p><ul><li><p>10+ years of experience in information security, with at least 5 years focusing on cloud security.</p></li><li><p>Deep understanding of cloud security services, automation patterns, and secure-by-default design principles across multi-cloud environments.</p></li><li><p>Strong proficiency in Infrastructure-as-Code and automation tools such as Terraform, CloudFormation, Azure Bicep and Ansible.</p></li><li><p>Hands-on experience integrating security controls into CI/CD pipelines using platforms such as Github Actions, Jenkins, Gitlab or similar tooling.</p></li><li><p>Proficiency with version control systems such as Github, Gitlab, Bitbucket or similar systems, including branching strategies, pull request workflows, and collaborative development practices.</p></li><li><p>Experience implementing and managing policy-as-code and preventative guardrails using cloud-native or third-party frameworks (e.g., AWS SCPs, Azure Policy, and OPA).</p></li><li><p>Knowledge across multiple security domains, including DevSecOps, Cloud infrastructure security, container security, identity and access management, vulnerability management and threat detection.</p></li><li><p>Experience with managing cloud security platforms and tooling (e.g., CNAPP), and operationalizing security controls at scale.</p></li><li><p>Knowledge of compliance standards and benchmarks: SOC2, ISO 27001, CSA CCM, NIST CSF, PCI <span>DSS, CIS benchmarks.</span></p></li><li><p><span>Strong communication and leadership skills, with the ability to collaborate effectively with diverse teams.</span></p></li></ul><p></p><p><b>Bonus is you have</b></p><p></p><ul><li><p>CCSP - Certified Cloud Security Professional.</p></li><li><p>CISSP - Certified Information Systems Security Professional.</p></li><li><p>AWS Certified Solutions Architect Associate / Professional.</p></li><li><p>AWS Certified Security Specialty.</p></li><li><p>AWS Certified DevOps Engineer.</p></li><li><p>Microsoft Security Architect.</p></li><li><p>Microsoft Security Engineer Associate.</p></li></ul><p></p><p><b>What we offer you </b></p><p></p><ul><li><p>A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities.</p></li><li><p>A broad range of professional education and personal development possibilities – FIS is your final career step!</p></li><li><p>A competitive salary and benefits.</p></li><li><p>A variety of career development tools, resources and opportunities.</p></li><li><p>The chance to work on some of the most challenging, relevant issues in financial services & technology.</p></li></ul><p></p><p></p><p><span><span>#LI-DS2</span></span><span> </span></p><p><br /></p><p></p><p style="text-align:left"><b>Privacy Statement</b></p><p style="text-align:inherit"></p><p style="text-align:left">FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the <a target="_blank" href="http://www.fisglobal.com/privacy">Online Privacy Notice</a>.</p><p style="text-align:inherit"></p><p style="text-align:left"><b>EEOC Statement</b></p><p style="text-align:inherit"></p><p style="text-align:left">FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is <a target="_blank" href="https://www.eeoc.gov/sites/default/files/migrated_files/employers/eeoc_self_print_poster.pdf">available here</a> supplement document <a target="_blank" href="http://www.dol.gov/ofccp/regs/compliance/posters/pdf/OFCCP_EEO_Supplement_Final_JRF_QA_508c.pdf">available here</a></p><p style="text-align:left"><br /><span><span>For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.</span></span></p><p style="text-align:inherit"></p><p style="text-align:left"><b>Sourcing Model</b></p><p style="text-align:inherit"></p><p style="text-align:left">Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.</p><p style="text-align:inherit"></p><p style="text-align:left">#pridepass</p>

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...