FIS
financial services
EngineerPrincipal,Software-ApplicationSecurityArchitect
Neural analysis suggests this role is
optimal for Principal candidates.
“Engineer Principal, Software - Application Security Architect at FIS. Skills: Application Security Architecture, Compliance & Regulatory Ownership, Audit Management, Customer & Stakeholder Engagement, Engineering Advisory & Enablement, Governance & Continuous Improvement. defining, governing, and assuring the application security posture of the FIS Modern Banking Platform (MBP). defining, maintaining, and evolving application security architectures for MBP services”
What You'll Achieve.
MBP application architecture consistently meets or exceed security and compliance expectations; Audits and customer reviews are predictable, well-managed, and free of major surprises; Engineering teams proactively engage security early rather than reactively; Customers view FIS as a trusted, transparent, and mature security partner
Industry & Context.
Proactively identify systemic gaps and drive long‑term corrective actions rather than point fixes; Influence engineering roadmaps to address systemic security and technical debt
What They're Looking For.
Must Have
12+ years of experience in software engineering, with significant depth in application security or security architecture, experience designing and reviewing distributed systems, microservices, APIs, and cloud-native architectures, Hands-on knowledge of application security concepts including threat modelling, OWASP Top 10, secure SDLC, vulnerability management, and penetration testing, Proven experience managing regulatory compliance and audit interactions in financial services or highly regulated environments, Demonstrated ability to work directly with customers and external auditors, confidently representing platform security posture, Excellent written and verbal communication skills, including the ability to explain complex security concepts clearly
Nice to Have
Experience with banking platforms, payments, or core financial systems, Familiarity with cloud platforms (AWS, Azure, GCP) and containerised deployments, Security certifications (e. g. , CISSP, CCSP, CSSLP) are a plus but not mandatory, Experience influencing senior engineering leadership and shaping multi‑year security roadmaps
What You'll Do.
and assuring the application security posture of the FIS Modern Banking Platform (MBP)
and evolving application security architectures for MBP services
reviewing and approving application designs
deployment architectures
and integration patterns with a security-first lens
driving adoption of secure-by-design and secure-by-default principles across product teams
establishing guardrails for API security
identity and access management
owning application-level compliance for MBP across applicable standards such as PCI DSS
regional regulatory requirements
and customer contractual obligations
interpreting regulatory requirements and translating them into actionable engineering controls
maintaining clear traceability between controls
and platform implementation
serving as the primary engineering contact for internal audits
and client security assessments related to MBP applications
leading audit preparation
technical walkthroughs
and remediation plans
coordinating closure of audit findings in partnership with engineering
proactively identifying systemic gaps and driving long‑term corrective actions rather than point fixes
engaging directly with customers
and client security teams to explain MBP security architecture
and compliance posture
participating in customer due diligence reviews
RFP security responses
and architecture deep dives
advising and mentoring development teams on secure coding
dependency management
and remediation strategies
reviewing threat models
security test results
penetration test findings
and architecture proposals
partnering with DevSecOps and SRE teams to embed security into CI/CD pipelines and operational workflows
influencing engineering roadmaps to address systemic security and technical debt
defining and refining security review processes
architecture review boards
and exception handling mechanisms
tracking security risk trends
and recurring drive measurable improvements
staying current with emerging threats
fintech security trends
and regulatory expectations relevant to modern banking platforms
How You'll Work.
Team & Collaboration
working closely with product engineering, platform, SRE, compliance, customer success, and internal/external auditors; partnering with risk, legal, and compliance teams; coordinating closure of audit findings in partnership with engineering, platform, and operations teams; partnering with DevSecOps and SRE teams
Communication Scope
clarity in risk communication; clearly articulate risk, mitigation strategies, and design rationale to both technical and non-technical stakeholders; Excellent written and verbal communication skills, including the ability to explain complex security concepts clearly
Process & Methodology
audit preparation, evidence collection, remediation plans, driving long‑term corrective actions, shaping multi‑year security roadmaps
Full Job Description
Are you curious, motivated, and thinking? At FIS you’ll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us, and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all fun. **Job Title** Principal Engineer – Application Security Architect **About the Role:** The Principal Engineer – Application Security Architect is a senior technical leadership role responsible for defining, governing, and assuring the application security posture of the FIS Modern Banking Platform (MBP). This role combines deep hands‑on security architecture expertise with regulatory compliance ownership, audit management, and customer engagement. The individual will act as the primary security authority for application and deployment architectures, working closely with product engineering, platform, SRE, compliance, customer success, and internal/external auditors. The role requires strong influence without authority, clarity in risk communication, and the ability to balance security, scalability, performance, and delivery timelines. **What you will be doing:** (a)Application Security Architecture • Define, maintain, and evolve application security architectures for MBP services, ensuring alignment with FIS security standards, regulatory requirements, and industry best practices. • Review and approve application designs, deployment architectures, cloud topologies, and integration patterns with a security-first lens. • Drive adoption of secure-by-design and secure-by-default principles across product teams. • Establish guardrails for API security, data protection, identity and access management, encryption, secrets management, and threat modelling. (b) Compliance & Regulatory Ownership • Own application-level compliance for MBP across applicable standards such as PCI DSS, SOC, ISO 27001, regional regulatory requirements, and customer contractual oblig
Applying for this Engineer Principal, Software - Application Security Architect role?
Most applicants get filtered before a human reads their resume. See if yours makes the cut.
How to Apply on Workday
- Workday has a multi-step form — save your progress after every section.
- "Apply With LinkedIn" can fail or lose data; manual entry is more reliable.
- Watch for the "Submit for Review" final step — hitting "Save" alone does not submit.
- Job requisition numbers are useful when following up with HR by email.
ANONYMOUS · UNFILTERED
What do employees actually say about FIS?
Real rants from real employees. Read before you apply.