Principal Security Engineer - SaaS Security Posture Mgt

Citizens Financial Group
Pittsburgh, PA
Hybrid

About The Position

Lead the strategy, rollout, and ongoing management of the enterprise SSPM program. Own the platform end to end, drive SaaS onboarding and security posture improvements, and partner across cybersecurity, risk, IT, and business teams to reduce data exposure and strengthen controls across a growing SaaS environment.

Requirements

  • Bachelor’s degree or equivalent experience in Computer Science, Information Security, or related field
  • 7+ years of experience in cybersecurity engineering or a related discipline
  • 2+ years of hands-on experience with SSPM tools
  • Deep knowledge of SaaS security models including APIs, OAuth, OIDC, federation, and SaaS integrations
  • Experience securing enterprise SaaS platforms such as Microsoft 365, Salesforce, ServiceNow, Workday, Google Workspace
  • Strong knowledge of SIEM, SOAR, ITSM, and security workflow orchestration
  • Experience with identity and access management including least privilege, privilege escalation, and non-human identities
  • Understanding of regulatory frameworks including NIST, CIS, SOC 2, PCI DSS, ISO 27001
  • Strong communication skills translating technical risk into clear actions
  • Proven ability to lead cross-functional initiatives and deliver results

Nice To Haves

  • Certifications such as CISSP, CCSP, CISM, SSCP, or cloud security certifications
  • Experience with SaaS security and data protection platforms
  • Scripting or automation experience such as Python or PowerShell
  • Background in regulated industries such as financial services or healthcare
  • Experience building security governance programs and risk frameworks
  • Exposure to AI security risks including securing AI agents and preventing data leakage

Responsibilities

  • Own SSPM platform management across planning, onboarding, configuration, and operations for enterprise SaaS applications
  • Develop and execute SSPM roadmap aligned to risk, business criticality, and regulatory requirements
  • Configure and continuously tune SSPM controls to monitor SaaS security posture and align with policy and best practices
  • Conduct threat modeling and risk assessments for SaaS integrations and APIs
  • Integrate SSPM with SIEM, SOAR, ITSM, and identity platforms to enable automation, alerting, and reporting
  • Partner with Cyber Operations to define detection rules, alert thresholds, and escalation processes
  • Establish SaaS governance processes including onboarding, configuration baselines, access reviews, and third-party risk
  • Track and report SSPM metrics such as posture scores, remediation timelines, and coverage to leadership
  • Drive remediation of misconfigurations, excessive access, and data exposure with application owners
  • Support compliance by mapping SSPM findings to frameworks such as NIST, CIS, SOC 2, PCI DSS, ISO 27001
  • Maintain awareness of emerging SaaS threats and continuously enhance SSPM capabilities
  • Contribute to SaaS security policies, standards, and training programs

Benefits

  • Comprehensive medical, dental, and vision coverage
  • Retirement benefits
  • Maternity and paternity leave
  • Flexible work arrangements
  • Education reimbursement
  • Wellness programs