Are you curious, motivated, and thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.
Job Title
Principal Engineer – Application Security Architect
About the Role:
The Principal Engineer – Application Security Architect is a senior technical leadership role responsible for defining, governing, and assuring the application security posture of the FIS Modern Banking Platform (MBP). This role combines deep hands‑on security architecture expertise with regulatory compliance ownership, audit management, and customer engagement.
The individual will act as the primary security authority for application and deployment architectures, working closely with product engineering, platform, SRE, compliance, customer success, and internal/external auditors. The role requires strong influence without authority, clarity in risk communication, and the ability to balance security, scalability, performance, and delivery timelines.
What you will be doing:
(a) Application Security Architecture
• Define, maintain, and evolve application security architectures for MBP services, ensuring alignment with FIS security standards, regulatory requirements, and industry best practices.
• Review and approve application designs, deployment architectures, cloud topologies, and integration patterns with a security-first lens.
• Drive adoption of secure-by-design and secure-by-default principles across product teams.
• Establish guardrails for API security, data protection, identity and access management, encryption, secrets management, and threat modelling.
(b) Compliance & Regulatory Ownership
• Own application-level compliance for MBP across applicable standards such as PCI DSS, SOC, ISO 27001, regional regulatory requirements, and customer contractual obligations.
• Partner with risk, legal, and compliance teams to interpret regulatory requirements and translate them into actionable engineering controls.
• Maintain clear traceability between controls, evidence, and platform implementation.
(c) Audit Management
• Serve as the primary engineering contact for internal audits, external audits, and client security assessments related to MBP applications.
• Lead audit preparation, evidence collection, technical walkthroughs, and remediation plans.
• Coordinate closure of audit findings in partnership with engineering, platform, and operations teams.
• Proactively identify systemic gaps and drive long‑term corrective actions rather than point fixes.
(d) Customer & Stakeholder Engagement
(e) Engineering Advisory & Enablement
• Advise and mentor development teams on secure coding, design patterns, dependency management, and remediation strategies.
• Review threat models, security test results, penetration test findings, and architecture proposals.
• Partner with DevSecOps and SRE teams to embed security into CI/CD pipelines and operational workflows.
• Influence engineering roadmaps to address systemic security and technical debt.
(f) Governance & Continuous Improvement
• Define and refine security review processes, architecture review boards, and exception handling mechanisms.
• Track security risk trends, audit themes, and recurring issues; drive measurable improvements.
• Stay current with emerging threats, fintech security trends, and regulatory expectations relevant to modern banking platforms.
What you bring:
• 12+ years of experience in software engineering, with significant depth in application security or security architecture.
• Strong experience designing and reviewing distributed systems, microservices, APIs, and cloud-native architectures.
• Hands-on knowledge of application security concepts including threat modelling, OWASP Top 10, secure SDLC, vulnerability management, and penetration testing.
• Proven experience managing regulatory compliance and audit interactions in financial services or highly regulated environments.
• Demonstrated ability to work directly with customers and external auditors, confidently representing platform security posture.
• Excellent written and verbal communication skills, including the ability to explain complex security concepts clearly.
Preferred Qualifications
• Experience with banking platforms, payments, or core financial systems.
• Familiarity with cloud platforms (AWS, Azure, GCP) and containerised deployments.
• Security certifications (e.g., CISSP, CCSP, CSSLP) are a plus but not mandatory.
• Experience influencing senior engineering leadership and shaping multi‑year security roadmaps.
What Success Looks Like in This Role
• MBP application architecture consistently meets or exceeds security and compliance expectations.
• Audits and customer reviews are predictable, well-managed, and free of major surprises.
• Engineering teams proactively engage security early rather than reactively.
• Customers view FIS as a trusted, transparent, and mature security partner.
What we offer you
Privacy Statement
FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.
Sourcing Model
Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.