Cloud IT Security Architect Specialist

Posted:
8/27/2024, 12:46:16 AM

Location(s):
England, United Kingdom

Experience Level(s):
Mid Level ⋅ Senior

Field(s):
IT & Security

We are FIS. Our technology powers the world’s economy, and our teams bring innovation to life. We champion diversity to deliver the best products and solutions for our colleagues, clients and communities. If you’re ready to start learning, growing and making an impact with a career in fintech, we’d like to know: Are you FIS?


About the role:
As a Cloud Security Architect, you will play a pivotal role in ensuring the security of our cloud-based systems and applications. This position blends technical expertise, DevSecOps practices, and architectural design principles to create and maintain robust security solutions aligned with modern security models. You will collaborate closely with cross-functional teams to design, implement, and maintain security measures that protect our organisation's data, infrastructure, and applications in cloud environments.

About the team:

The role of the Cloud Security Team encompasses a comprehensive strategy focused on enhancing overall cloud security across multiple cloud platforms, policy management, automation, cost optimisation, vendor management, tooling, governance, and operations. We aim to fortify our cloud security posture, ensure compliance, drive cost savings, and enable sustainable growth while addressing emerging challenges and opportunities in the cloud landscape.



What you will be doing:

  • Overall Cloud Security Enhancement: FIS has a multi-cloud environment, so strengthening security across all platforms, including AWS, Azure, and Google Cloud, is imperative. This entails continual review and enforcement of security configurations, deployment of auto-remediation mechanisms, and proactive troubleshooting of tool-related issues to maintain robust security postures and minimize vulnerabilities.
  • Policy Management and Compliance: The creation, review, and enforcement of cloud security policies are critical to ensuring adherence to regulatory requirements and industry best practices. Periodic policy reviews, change management processes, and presentations to the review board facilitate the socialization and alignment of security policies with business objectives, enhancing overall governance and risk management.
  • Automation and Cost Optimization: Automating security operations and identifying cost-saving opportunities play pivotal roles in enhancing operational efficiency and maximizing ROI. Automation initiatives streamline tool delivery, operationalization, account onboarding, and diagnostics, enabling the team to focus on strategic objectives and value-added activities.
  • Vendor Management and Tool Evaluation: Effective vendor management and ongoing evaluation of cloud security tools are essential to adapt to evolving threats and technological advancements. Cloud tool proof-of-concepts (POCs) and module evaluations, including potential replacements for existing tools and evaluations of new capabilities, ensure that the Cloud Security Department stays abreast of the latest innovations and selects tools that best align with organizational needs and objectives.
  • Governance and Security Architecture Reviews: Establishing a robust cloud security governance framework, in collaboration with the CIO Cloud Governance team, enhances accountability, transparency, and consistency in security policies, monitoring, and asset management. Weekly collaboration with CIO Cloud Engineering on architecture reviews and development of container security programs further strengthens security controls. It ensures that new projects adhere to security standards and best practices. 
  • Architectural Design: Design, implement, and maintain cloud security architecture that meets the organization's strategic security objectives while enabling business agility and innovation.
  • Technical Expertise: Provide expert guidance on cloud security best practices, including identity and access management, encryption, network security, and data protection. Stay abreast of emerging threats and security technologies to enhance security posture continuously.
  • DevSecOps Integration: Integrate security into the DevOps pipeline by automating security controls, implementing security testing, and promoting a security culture throughout the development lifecycle.
  • Risk Management: Assess security risks associated with cloud environments and develop strategies to mitigate these risks effectively. Conduct security assessments, audits, and penetration testing to identify vulnerabilities and weaknesses.
  • Compliance and Governance: Ensure compliance with relevant regulatory requirements, industry standards, and internal security policies. Develop and maintain security documentation, including policies, standards, procedures, and guidelines.
  • Incident Response and Monitoring: Design and implement incident response plans and procedures for cloud-based systems. Establish robust monitoring and alerting mechanisms to detect and respond to security incidents in a timely manner.
  • Collaboration and Communication: Collaborate with organisational stakeholders, including IT teams, development teams, business units, and external partners, to align security initiatives with business objectives. Communicate complex security concepts effectively to technical and non-technical audiences.


What you will need:

  • Bachelor’s degree in computer science, Information Security, or related field. Master's degree or relevant certifications (e.g., CISSP, CCSK, AWS Certified Security - Specialty) preferred.
  • Proven experience in cloud security architecture design and implementation, preferably in AWS, Azure, or Google Cloud Platform.
  • Strong understanding of cloud-native security services and features, such as AWS Identity and Access Management (IAM), Azure Active Directory, and Google Cloud Identity.
  • Hands-on experience with security tools and technologies, including SIEM, IDS/IPS, DLP, WAF, and vulnerability management solutions.
  • Proficiency in scripting and automation using languages such as Python, PowerShell, or Bash.
  • Solid understanding of DevOps practices and tools, such as CI/CD pipelines, configuration management, and infrastructure as code.
  • Excellent analytical and problem-solving skills, with the ability to evaluate complex technical and business requirements and propose effective security solutions.
  • Strong communication and interpersonal skills, with the ability to collaborate effectively with diverse teams and stakeholders.



Added bonus if you have:

  • Any Cloud Certification
  • AWS/Azure/GCP security tools

What we offer you:
At FIS, you can learn, grow and make an impact in your career. Our benefits include:
• Flexible and creative work environment
• Diverse and collaborative atmosphere
• Professional and personal development resources
• Opportunities to volunteer and support charities
• Competitive salary and benefits

#LI-NJ1

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass

Fidelity National Information Services

Website: https://fisglobal.com/

Headquarter Location: Jacksonville, Florida, United States

Employee Count: 10001+

Year Founded: 1968

IPO Status: Public

Last Funding Type: Post-IPO Debt

Industries: Banking ⋅ Financial Services ⋅ Information Technology ⋅ Payments