Senior Security Engineer - SaaS Security Posture Manager

Job Description

• SaaS Configuration Auditing: Conduct thorough audits of SaaS application configurations to identify security vulnerabilities, misconfigurations, and compliance gaps • Security Integration in Purchase Cycle: Collaborate with procurement and IT teams to integrate security considerations into the purchase cycle of SaaS applications. Review security aspects of potential SaaS solutions before purchase and provide recommendations to mitigate risks • Risk Assessment: Assess the security risks associated with SaaS applications, considering factors such as data sensitivity, access controls, and compliance requirements • Security Configuration Guidance: Provide guidance and best practices for configuring SaaS applications securely, including user access controls, data encryption, and integration with identity management systems • Policy Development: Develop and enforce policies related to SaaS security configurations, ensuring alignment with industry standards and regulatory requirements • Vendor Management: Manage relationships with SaaS vendors regarding security-related issues, including conducting security assessments, negotiating security provisions in contracts, and ensuring vendor compliance with security standards • Training and Awareness: Develop and deliver training programs to educate internal stakeholders on secure SaaS configuration practices and the importance of security in the SaaS purchase process • Continuous Improvement: Stay updated on emerging threats and security best practices related to SaaS environments. Continuously improve auditing processes and integration practices to enhance the security posture of our SaaS offerings

Qualifications

• 5+ years general experience in information security - operations, engineering, incident response, SOC analyst, etc. • 3+ years experience auditing SaaS application configurations • Experience running projects – either informal PM/TPM experience, or formal • Formal education in Computer Sciences/Cybersecurity or related industry certifications. Bachelor’s degree in Computer Science, Information Security, or a related field is a plus, but not required • Proven experience in auditing SaaS application configurations for security vulnerabilities and compliance gaps • Familiarity with security frameworks and standards relevant to SaaS environments • Experience in vendor management and contract review, particularly in relation to security provisions • Excellent communication and presentation skills • Strong analytical and problem-solving abilities • Ability to work independently and collaboratively in a fast-paced environment • Must learn quickly and adapt to a changing environment and be eager to accept new responsibilities

Benefits

• Health, dental, and vision coverage, beginning on the first day of employment • Short & Long-Term Disability, Basic Life Insurance, and a 401k saving plan with employer matching • Innovative mental health support platform • Generous employee stock purchase plan • Paid Time Off, Company paid holidays, paid volunteer hours and 12 weeks paid parental leave