Key skills
AnsibleAWSAzureCloudCyber SecurityJenkinsTerraformGitHub ActionsCloudFormationGitHubGitLabBitbucketVersion ControlCI/CDLeadershipCommunicationCloud Security
About this role
Role Overview
- Design, build, and maintain infrastructure-as-code (IaC) templates and reusable automation frameworks with embedded security guardrails across multi-cloud environments.
- Develop and enforce policy-as-code controls using cloud-native capabilities (e.g., AWS SCPs, Azure Policy, Open Policy Agent) to prevent misconfigurations and reduce risk at scale.
- Automate provisioning, configuration, and validation of cloud security controls and services, ensuring secure-by-default deployments.
- Integrate security controls and validation checks into CI/CD pipelines and developer workflows to enable shift-left security practices.
- Administer, integrate, and optimize cloud security platforms and tooling (e.g., CSPM, Container Security), including policy tuning, onboarding automation, and operational improvements.
- Monitor cloud environments for security posture risks, misconfigurations, and anomalous activity, and build automated detection and remediation capabilities where appropriate.
- Collaborate with engineering, platform and security teams to operationalize security architecture requirements and implement scalable remediation solutions.
- Support security investigations by providing cloud telemetry, automation, and technical expertise as needed.
- Provide technical leadership and guidance on cloud security best practices, automation patterns, and DevSecOps adoption across the organization.
- Contribute to enterprise security initiatives by standardizing controls, improving automation maturity, and driving continuous improvement of cloud security capabilities.
- Stay current on emerging cloud technologies, security threats, and defensive techniques to continuously enhance the organization’s security posture.
- Be a champion and advocate of cybersecurity within the company.
Requirements
- 10+ years of experience in information security, with at least 5 years focusing on cloud security.
- Deep understanding of cloud security services, automation patterns, and secure-by-default design principles across multi-cloud environments.
- Strong proficiency in Infrastructure-as-Code and automation tools such as Terraform, CloudFormation, Azure Bicep and Ansible.
- Hands-on experience integrating security controls into CI/CD pipelines using platforms such as Github Actions, Jenkins, Gitlab or similar tooling.
- Proficiency with version control systems such as Github, Gitlab, Bitbucket or similar systems, including branching strategies, pull request workflows, and collaborative development practices.
- Experience implementing and managing policy-as-code and preventative guardrails using cloud-native or third-party frameworks (e.g., AWS SCPs, Azure Policy, and OPA).
- Knowledge across multiple security domains, including DevSecOps, Cloud infrastructure security, container security, identity and access management, vulnerability management and threat detection.
- Experience with managing cloud security platforms and tooling (e.g., CNAPP), and operationalizing security controls at scale.
- Knowledge of compliance standards and benchmarks: SOC2, ISO 27001, CSA CCM, NIST CSF, PCI DSS, CIS benchmarks.
- Strong communication and leadership skills, with the ability to collaborate effectively with diverse teams.
- Bonus is you have CCSP
- Certified Cloud Security Professional. CISSP
- Certified Information Systems Security Professional. AWS Certified Solutions Architect Associate / Professional. AWS Certified Security Specialty. AWS Certified DevOps Engineer. Microsoft Security Architect. Microsoft Security Engineer Associate.
Tech Stack
- Ansible
- AWS
- Azure
- Cloud
- Cyber Security
- Jenkins
- Terraform
Benefits
- A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities.
- A broad range of professional education and personal development possibilities – FIS is your final career step!
- A competitive salary and benefits.
- A variety of career development tools, resources and opportunities.
- The chance to work on some of the most challenging, relevant issues in financial services & technology.