Search 
jobs
Explore 
companies
Join talent network
Talent
My job alerts

Cloud Security Engineering & DevSecOps Lead

Railz

Railz

Little Rock, AR, USA · Jacksonville, FL, USA · Atlanta, GA, USA · Brown Deer, WI, USA
Posted on Feb 24, 2026
Apply now

Position Type :

Full time

Type Of Hire :

Experienced (relevant combo of work and education)

Job Description

About FIS

Are you curious, motivated, and forward-thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.

About the role

We're seeking a Lead Cybersecurity Analyst, specializing in Cloud Security Engineering and DevSecOps to join our Cloud Security and Emerging Technologies team. This position is responsible for designing and implementing security automation, preventative guardrails, and developer-integrated controls that enable secure-by-default cloud adoption.

The ideal candidate will have strong hands-on experience securing cloud infrastructure and applications, partnering closely with engineering and development teams to embed security into cloud-native architectures while balancing risk, scalability, and business needs. This role requires a combination of technical skills, problem-solving aptitude, and cybersecurity expertise.

About the team

The Cloud Security and Emerging Technologies team is responsible for securing the organization's multi-cloud environments while enabling the safe adoption of new cloud capabilities and technologies. The team combines security assessments, secure solution design, and scalable security engineering to identify risks, define remediation strategies, and implement preventative controls and guardrails across the cloud estate.

What you will be doing

  • Design, build, and maintain infrastructure-as-code (IaC) templates and reusable automation frameworks with embedded security guardrails across multi-cloud environments.

  • Develop and enforce policy-as-code controls using cloud-native capabilities (e.g., AWS SCPs, Azure Policy, Open Policy Agent) to prevent misconfigurations and reduce risk at scale.

  • Automate provisioning, configuration, and validation of cloud security controls and services, ensuring secure-by-default deployments.

  • Integrate security controls and validation checks into CI/CD pipelines and developer workflows to enable shift-left security practices.

  • Administer, integrate, and optimize cloud security platforms and tooling (e.g., CSPM, Container Security), including policy tuning, onboarding automation, and operational improvements.

  • Monitor cloud environments for security posture risks, misconfigurations, and anomalous activity, and build automated detection and remediation capabilities where appropriate.

  • Collaborate with engineering, platform and security teams to operationalize security architecture requirements and implement scalable remediation solutions.

  • Support security investigations by providing cloud telemetry, automation, and technical expertise as needed.

  • Provide technical leadership and guidance on cloud security best practices, automation patterns, and DevSecOps adoption across the organization.

  • Contribute to enterprise security initiatives by standardizing controls, improving automation maturity, and driving continuous improvement of cloud security capabilities.

  • Stay current on emerging cloud technologies, security threats, and defensive techniques to continuously enhance the organization’s security posture.

  • Be a champion and advocate of cybersecurity within the company.

What you bring

  • 10+ years of experience in information security, with at least 5 years focusing on cloud security.

  • Deep understanding of cloud security services, automation patterns, and secure-by-default design principles across multi-cloud environments.

  • Strong proficiency in Infrastructure-as-Code and automation tools such as Terraform, CloudFormation, Azure Bicep and Ansible.

  • Hands-on experience integrating security controls into CI/CD pipelines using platforms such as Github Actions, Jenkins, Gitlab or similar tooling.

  • Proficiency with version control systems such as Github, Gitlab, Bitbucket or similar systems, including branching strategies, pull request workflows, and collaborative development practices.

  • Experience implementing and managing policy-as-code and preventative guardrails using cloud-native or third-party frameworks (e.g., AWS SCPs, Azure Policy, and OPA).

  • Knowledge across multiple security domains, including DevSecOps, Cloud infrastructure security, container security, identity and access management, vulnerability management and threat detection.

  • Experience with managing cloud security platforms and tooling (e.g., CNAPP), and operationalizing security controls at scale.

  • Knowledge of compliance standards and benchmarks: SOC2, ISO 27001, CSA CCM, NIST CSF, PCI DSS, CIS benchmarks.

  • Strong communication and leadership skills, with the ability to collaborate effectively with diverse teams.

Bonus is you have

  • CCSP - Certified Cloud Security Professional.

  • CISSP - Certified Information Systems Security Professional.

  • AWS Certified Solutions Architect Associate / Professional.

  • AWS Certified Security Specialty.

  • AWS Certified DevOps Engineer.

  • Microsoft Security Architect.

  • Microsoft Security Engineer Associate.

What we offer you

  • A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities.

  • A broad range of professional education and personal development possibilities – FIS is your final career step!

  • A competitive salary and benefits.

  • A variety of career development tools, resources and opportunities.

  • The chance to work on some of the most challenging, relevant issues in financial services & technology.

#LI-DS2

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

EEOC Statement

FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here


For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass

Apply now
See more open positions at Railz
Privacy policyCookie policy