Staff Security Engineer

Job Posting Description

Are you curious, motivated, and forward-thinking? At FIS, you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.

About the team

We are seeking a highly skilled and experienced Staff Security Engineer to join our security team. This role focuses on Security Operations, Network Security, AWS Security, Web Application Firewalls (WAF), Vulnerability Management and Compliance. The successful candidate will lead a team of security professionals to enhance and maintain the security posture of our organization.

What you will be doing:

• Oversee and manage day-to-day security operations, including monitoring, detection, and response to security incidents. Develop and implement security policies, procedures, and best practices.
• Lead, mentor, and develop a team of security professionals. Foster a culture of continuous improvement and collaboration within the team.
• Ensure the security of our AWS cloud environment by implementing and managing security controls, monitoring activities, and responding to events.
• Deploy, configure, and manage WAF solutions to protect our web applications from threats and vulnerabilities. Regularly review and update WAF rules to adapt to evolving security challenges.
• Implement and manage email security solutions to protect against phishing, spam, and malware attacks. Monitor and respond to email-based threats and ensure the integrity of our email communication systems.
• Design, implement, and maintain network security solutions to protect Dragonfly’s infrastructure.
• Manage firewalls, intrusion detection/prevention systems (IDS/IPS), VPNs, and other network security tools.
• Work closely with other IT and business units to integrate security measures into all aspects of the organization. Provide security guidance and support for projects and initiatives.
• Responsible for the coordination and oversight of remediation of security gaps from audit findings, vulnerabilities scans, and other related security inspections.
• Lead information security program response to customers information security audits or Due Diligence Questionnaires.

What you bring:

• 7+ years of experience in information security, with at least 3 years focusing on cloud security.
• Deep understanding of AWS security services and best practices.
• Proficient in configuring and managing Web Application Firewalls, Data Loss Prevention, Email Security, Intrusion Detection and Prevention, Endpoint Security, Cloud Access Security Broker (CASB) technologies.
• Possess extensive knowledge across multiple security domains, such as Vulnerability Management, Data protection, Identity and Access management, and Network Security. Capable of integrating cross-domain security strategies to deliver robust protection against diverse cybersecurity threats.
• Conduct vulnerability scans, analyze scan results, prioritize vulnerabilities based on risk, and collaborating with relevant stakeholders to apply effective remediation measures.
• Knowledge of compliance standards: SOC2, ISO 27001, ISO 27701, CSA CCM, NIST CSF, NIST 800-53, US Data Privacy, and GDPR.
• Understanding of common network-based attacks like DDoS, spoofing, sniffing.
• Strong communication and leadership skills, with the ability to collaborate effectively with diverse teams.
• Ability to work independently and exercise judgment with excellent attention to detail
• Experience managing Palo Alto Firewalls is a plus.

Certifications Preferred

• CISSP - Certified Information Systems Security Professional
• AWS Certified Solutions Architect Associate
• AWS Certified Security Specialty
• SSCP – Systems Security Certified Practitioner (SSCP)
• CompTIA Security+

What we offer you:

• A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities
• A broad range of professional education and personal development possibilities – FIS is your final career step!
• A competitive salary and benefits
• A variety of career development tools, resources and opportunities

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass