SaaS Security Engineer
United States,
New York
Permanent
Job ID: 2232
Job Description
[c. $300-400k Comp Package | Hybrid Working - 3 Days in Office]
Are you an experienced security professional with a deep understanding of SaaS applications and cloud security? Our client, a global technology-driven investment firm, is seeking a SaaS Security Engineer to take full ownership of securing their expanding SaaS environment. This role is critical in ensuring robust security across platforms, proactively identifying vulnerabilities, enforcing security best practices, and closing the gaps that could lead to security breaches...
Key Responsibilities
- Secure SaaS applications by implementing rigorous access controls, enforcing multi-factor authentication (MFA), and configuring security settings across core platforms
- Monitor and assess security risks by conducting in-depth security reviews, penetration tests, and vulnerability scans, ensuring airtight protection of data and infrastructure
- Manage identity and access management (IAM) within SaaS environments, implementing single sign-on (SSO), role-based access control (RBAC), and identity federation protocols such as SAML and OAuth
- Develop and maintain data loss prevention (DLP) strategies, configuring rules to prevent unauthorised data transfer and protect sensitive information
- Integrate security monitoring tools such as SIEM solutions, security analytics platforms, and threat intelligence feeds to detect and respond to potential security threats
- Evaluate new SaaS applications from a security perspective, ensuring that new services meet stringent security requirements before deployment
- Collaborate with cloud security and network teams to align SaaS security strategies with overall cybersecurity objectives
- Automate security processes where possible, leveraging scripting or security automation tools to improve efficiency and threat detection
Key Requirements
- 5-10 years of experience in cybersecurity, with a strong focus on securing SaaS applications
- Hands-on experience securing SaaS solutions such as Workday, Salesforce, Box, Databricks, Slack, and Zoom, with deep knowledge of their security configurations and best practices
- Strong understanding of cloud security architectures (AWS/Azure) and cloud-native security solutions, particularly in SaaS environments
- Expertise in IAM and access control models, including SAML, OAuth, and RBAC implementation
- Experience with Data Security Posture Management (DSPM) tools to proactively identify security risks
- Familiarity with security frameworks such as NIST Cybersecurity Framework, ISO 27001, CIS benchmarks, and Cloud Security Alliance (CSA) best practices
- Ability to perform penetration testing and security audits, identifying vulnerabilities in SaaS environments and implementing remediation strategies
- (Preferred) Experience with scripting and automation tools for security operations
...
Apply for this role
All fields marked with * are required.