About the Team:

Our team of associates are great to work with, and we have an awesome team of management professionals who are there to help guide you to success. We believe our clients are the most important aspect of our business. Our determination to be the best that FIS has to offer rings true with each team member through training, knowledge, and a desire to excel in the financial world.

What You Will Be Doing:

Design, develop, and maintain automation for log ingestion, normalization, enrichment, and transformation across diverse data sources and formats, with strong data quality controls.
Engineer, test, deploy, and maintain automated detections in SOAR ecosystems, including rule/playbook development, tuning, and lifecycle management to reduce false positives.
Integrate SOAR with SIEM, EDR, threat intelligence, and ITSM platforms (e.g., Microsoft Sentinel, LogRhythm, CrowdStrike, ServiceNow) using APIs and webhooks.
Automate case and ticket lifecycle management, including creation, enrichment, correlation, de-duplication, SLA tracking, and closure in systems such as ServiceNow, Jira etc.
Monitor and improve automation reliability and performance using metrics, logging, alerting, and SLOs; maintain runbooks and on-call support documentation.
Collaborate with SOC analysts, incident responders, and threat intelligence teams to translate manual procedures into resilient automations to support metrics such as MTTD, alert fidelity, and response consistency.
Ensure secure development and operational practices, including least-privilege access, secrets management, audit-ability, and compliance with data handling policies.
Document architecture, detection logic, playbooks, and runbooks; supply to knowledge sharing and enablement across the team.
Support platform migrations, upgrades, and architectural improvements for SOAR environments.

What you bring:

Bachelor’s degree in computer science, Information Security, or equivalent practical experience.
3–7 years of experience in security engineering, SOC automation, or security operations roles.
Demonstrated experience building and operating production-grade SOAR automations.
Good understanding of cybersecurity concepts, including incident response, and vulnerability management.
Experience with security tools and technologies such as SIEM, EDR and firewalls.
Proficiency in Python (or another scripting language such as PowerShell, BASH etc.) for development, testing, and automation of security and infrastructure workflows
Demonstrated experience designing and deploying security automations and SOAR playbooks in platforms such as TORQ, Google SecOps SOAR (Formerly known as Chronicle), Cortex XSOAR etc.
Familiarity with SIEM and EDR platforms such as Crowdstrike, Microsoft Sentinel, or Qradar, including detection content development and tuning.
Familiarity with cloud environments (Azure, GCP) and SaaS security tooling.
API integration patterns including REST/GraphQL, webhooks, OAuth 2.0, and JSON serialization.
Ability to work cross-functionally with SOC analysts, detection engineers, ITSM, and platform teams.
Strong understanding of SOC workflows, incident response lifecycle, and alert triage.
Strong problem resolution/analytical skills required to understand complex system interactions.
Strong work prioritization, planning, and organizational, documentation and troubleshooting skills.
Project and assignment management.

What we offer you:

A multifaceted job with a high degree of responsibility and a broad spectrum of opportunities

A broad range of professional education and personal development possibilities – FIS is your final career step!

A competitive salary and benefits.

A variety of career development tools, resources and opportunities

With a 50-year history rooted in the financial services industry, FIS™ is the world's largest global provider dedicated to financial technology solutions. We champion clients from banking to capital markets, retail to corporate and everything touched by financial services. Headquartered in Jacksonville, Florida, our 53,000 worldwide employees help serve more than 20,000 clients in over 130 countries. Our technology powers billions of transactions annually that move over $9 trillion around the globe. FIS is a Fortune 500 company and is a member of Standard & Poor’s 500® Index.

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.

#pridepass

Analyst II, Cybersecurity

Job Details

Tools & Tech