Cyber Risk Management Specialist

Position Type :

Full time

Type Of Hire :

Experienced (relevant combo of work and education)

Education Desired :

Bachelor's Degree

Travel Percentage :

5 - 10%

Job Description

Are you curious, motivated and forward-thinking? At FIS, you'll have the opportunity to work on some of the most challenging and relevant issues in financial services and technology. Our talented people empower us and we believe in being part of a team that is open, collaborative, entrepreneurial, passionate and above all, fun.

About the team

This team is led by a senior IT security executive supporting the chief information security officer (CISO). The focus is advancing cybersecurity governance, policy and risk management across enterprise initiatives, including cybersecurity regulatory compliance initiatives such as NIS2.

About the role

As a cybersecurity compliance and risk management specialist, you will play a key role supporting NIS2 and other cybersecurity compliance initiatives, helping FIS navigate evolving regulations and maintain a strong security posture. You will also work with the team more broadly in advancing FIS's cybersecurity governance and risk management programs - collaborating across cybersecurity governance, lines of business (LoBs), privacy, enterprise risk, internal audit and cybersecurity teams to embed governance and risk oversight into critical business processes and the broader cybersecurity function.

This position sits within the cybersecurity organization and reports into leadership responsible for cybersecurity governance and risk. It is ideal for professionals who bring strategic insight and proven delivery experience in cybersecurity compliance, risk management and cross-functional collaboration within complex enterprise environments.

What you will be doing

Support the cybersecurity governance team by leading and delivering activities that strengthen FIS's capabilities across cybersecurity compliance, risk management and governance programs. Key responsibilities include but are not limited to:

Drive regulatory accountability

• Advise and collaborate with FIS leadership to support NIS2 and other cybersecurity, helping foster a culture of accountability and regulatory alignment
• Facilitate the registration of FIS's main EU establishment, directly supporting continued operations and growth within the European market
• Shape governance structures and incident reporting protocols, supporting timely reporting of incidents per regulatory requirements

Advance risk-based compliance

• Lead comprehensive gap assessments against NIS2 and other applicable cybersecurity compliance requirements, translating findings into actionable insights that strengthen FIS's cybersecurity and DORA framework alignment
• Develop and prioritize remediation plans that reduce risk exposure and support business continuity, positioning FIS for audit readiness
• Update and refine information security policies, embedding regulatory requirements into daily operations and supporting sustainable compliance

Advise and collaborate on operational readiness

• Advise and collaborate with cross-functional teams to enhance incident response workflows that support reporting mandates, helping reduce regulatory risk
• Partner with stakeholders to strengthen supply chain security, supporting a resilient FIS ecosystem
• Collaborate with internal audit to conduct internal audits and mock assessments, proactively identifying gaps and preparing for external audits
• Deliver executive and operational training. Equip leaders and teams with the knowledge and skills to uphold NIS2, DORA and other relevant cybersecurity compliance accountability and governance
• Design and implement awareness modules tailored for lines of business, fostering a culture of shared compliance responsibility across FIS

Embed governance and risk management

• Support ongoing risk assessments and drive alignment with leading frameworks (NIST CSF, DORA, ISO 27001), adapting FIS's cybersecurity posture to evolving regulatory and business needs
• Track and report on remediation progress and compliance metrics, providing leadership with clear visibility into risk reduction and program effectiveness
• Collaborate across functions to embed governance principles and risk management best practices, enabling FIS to achieve strategic objectives while maintaining regulatory compliance

What you bring

• Minimum 4 to 7 years of experience in cybersecurity compliance, risk management or governance within complex enterprise environments
• Strong understanding of cybersecurity frameworks and regulatory standards, including NIST CSF, DORA, ISO 27001 and GRC platforms
• Demonstrated experience supporting regulatory compliance projects, preferably NIS2 or similar cybersecurity regulations
• Proven ability to conduct gap assessments, develop remediation plans and support policy updates
• Experience advising and collaborating with cross-functional teams, including internal audit, cybersecurity and business stakeholders
• Demonstrated ability to develop, deliver and strengthen training and awareness programs for executives, cybersecurity teams and lines of business
• Strong organizational skills and attention to detail; ability to manage multiple priorities in a dynamic environment
• Analytical mindset with the ability to translate regulatory requirements into actionable governance controls and program enhancements
• Willingness to travel 5% to 15% within the United States

What we offer you

• Flexible and creative work environment.
• Diverse and collaborative atmosphere.
• Professional and personal development resources.
• Opportunities to volunteer and support charities.
• Competitive salary and benefits.

FIS is committed to providing its employees with an exciting career opportunity and competitive compensation. The pay range for this full-time position is $101, $170,470.00 and reflects the minimum and maximum target for new hire salaries for this position based on the posted role, level, and location. Within the range, actual individual starting pay is determined by additional factors, including job-related skills, experience, and relevant education or training. Any changes in work location will also impact actual individual starting pay. Please consult with your recruiter about the specific salary range for your preferred location during the hiring process.

Privacy Statement

FIS is committed to protecting the privacy and security of all personal information that we process in order to provide services to our clients. For specific information on how FIS protects personal information online, please see the Online Privacy Notice.

EEOC Statement

FIS is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, sex, sexual orientation, gender identity, marital status, genetic information, national origin, disability, veteran status, and other protected characteristics. The EEO is the Law poster is available here supplement document available here

For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will be required to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.

Sourcing Model

Recruitment at FIS works primarily on a direct sourcing model; a relatively small portion of our hiring is through recruitment agencies. FIS does not accept resumes from recruitment agencies which are not on the preferred supplier list and is not responsible for any related fees for resumes submitted to job postings, our employees, or any other part of our company.