We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
I agree and accept cookies
Main menu
Post a Job
Request a Demo
Yes
No
Both
Advanced search
#alert
Back to search results / More jobs like this
Back to search results
New
FIS jobs

Analyst II, Cybersecurity

FIS
Mar 18, 2026

Position Type :

Full time

Type Of Hire :

Experienced (relevant combo of work and education)

Education Desired :

Bachelor's Degree

Job Description

About FIS

Are you curious, motivated, and forward-thinking? At FIS you'll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun.

Current and future sponsorship are not available for this position

About the team

The Attack Surface Response Team (ASRT) is a core function within FIS Cybersecurity responsible for rapidly identifying, prioritizing, and driving remediation of vulnerabilities across the organization's global technology estate. ASRT partners closely with multiple internal security and business teams to validate findings, escalate emerging threats, and support containment when necessary. The team manages vulnerability ownership, data integrity, remediation tracking, sustainability reviews, stakeholder communication, and exception governance, ensuring clear accountability and consistent reduction of risk.

What you will be doing

Within the role you will be responsible for evaluating and prioritizing vulnerabilities, coordinating remediation with technical and business stakeholders, and ensuring timely progress against security SLAs.

It requires strong communication and escalation management to keep leadership informed of risk and impact, along with the ability to support rapid response during high-severity events.

The role also maintains accurate vulnerability and asset alignment, investigates discrepancies, and contributes to continuous improvement and long-term reduction of the organization's attack surface.

  • Analyze, triage, and prioritize reported vulnerabilities, ensuring alignment with Attack Surface Management Leadership (ASM-L) scoring and imminent-risk criteria.

  • Coordinate remediation efforts across business units and technology teams, driving clear ownership, tracking progress, and ensuring required actions are completed within policy driven security level agreements (SLA).

  • Manage stakeholder communication and escalation, you will be responsible for providing timely updates, risk context, and impact summaries to leadership and technical owners.

  • Support rapid response activities during critical or high-risk vulnerability events, including security incident creation, emergency change requests driven from security incidents, and cross-team coordination with internal security teams.

  • Validate vulnerability findings and ensure accurate asset alignment, investigating ownership gaps, configuration database mismatches, and scanning discrepancies to maintain attack-surface visibility.

  • Contribute to sustainability and risk-reduction reporting, monitoring aging vulnerabilities, identifying systemic issues, and driving continuous improvement initiative.

What you bring

Strong analytical capability, able to interpret vulnerability data, assess risk, and translate findings into clear remediation priorities.

  • Effective coordination and stakeholder management, combining structured project-management discipline with the ability to drive cross-team remediation.

  • Clear, outcome-focused communicator who can articulate technical risk and remediation expectations to both technical and non-technical audiences.

  • Strong hands-on technical skills, including the ability to write, troubleshoot, and interpret SQL queries for data validation, enrichment, and vulnerability reporting, practical experience using security tools such as Nmap for network discovery and evidence gathering, familiarity with packet analysis, log interrogation, and basic scripting (e.g., Python, PowerShell) to automate tasks, validate findings, and support investigative work, understanding of core security principles such as authentication, access control, encryption, and common vulnerability classes (e.g., misconfigurations, insecure services, outdated components), enabling deeper analysis and high-quality remediation guidance.

  • Broad security and infrastructure understanding (Windows, Linux, cloud, networking) with familiarity in threat-intelligence concepts and vulnerability-management tooling; security certifications highly beneficial.

  • Solid understanding of vulnerability-management processes and threat-intelligence concepts, with the ability to connect exploitation trends to prioritization decisions; industry security certifications (e.g., Security+, CySA+, GSEC, CEH, or similar) strongly beneficial.

Bonus if you have

  • Experience analyzing vulnerabilities at a deeper technical level, including understanding exploit mechanics, common weakness classes (OWASP, CWE), misconfiguration patterns, and how attacker tradecraft influences real-world risk.

  • Understanding of secure architecture principles and common enterprise technology stacks (e.g., identity systems, container platforms, cloud security controls), enabling more informed discussions with engineering teams and stronger prioritization decisions.

  • Ability to perform low-level investigative tasks such as packet inspection, log correlation, protocol analysis, or basic reverse-engineering to validate findings and support incident response when required.

What we offer you

  • A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities.

  • A modern, international work environment and a dedicated and motivated team.

  • The chance to work on some of the most challenging, relevant issues in financial services & technology.

  • A work environment built on collaboration, flexibility and respect.

  • Varied and challenging work to help you grow your technical skillset.

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

EEOC Statement

FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here

For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass

Applied = 0
MORE JOBS LIKE THIS

(web-bd9584865-vpmzc)