InfoSec SaaS Security Lead

About the Role:

We are looking for a SaaS Security & Compliance Engineer to join our Information Security team. Our environment is 100% SaaS-based with many interconnected systems (e.g., CRM, billing, HRIS, collaboration, support, finance tools), all tied together through our identity provider and integrations.

This role is less about traditional code-review AppSec and more about:

• Securing how we configure, connect, and use our SaaS platforms
• Owning key SaaS/identity security controls (SSO, MFA, RBAC, logging, DLP, CASB, SaS Security Posture Management (SSPM), etc.
• Making sure our SaaS environment is audit-ready for SOC 2, ISO 27001 and customer security reviews

You will sit in InfoSec but work closely with IT, Engineering, Enterprise Systems and other system owners to keep our SaaS stack secure and compliant.

What You'll Do:

1. SaaS Security Architecture & Configuration

• Work with IT to build and maintain an inventory of SaaS applications, including data sensitivity, owners, and integrations.
• Define and maintain baseline security configurations for key SaaS tools (e.g., password policies, session settings, IP/device restrictions, sharing controls).
• Review and approve new SaaS apps and integrations from a security perspective:
• Data flows (what data, where it goes, which region)
• Access model (who can use it, how they log in)
• Integration security (API tokens, webhooks, scopes, secrets)
• Work with app owners to remediate misconfigurations and close security gaps in SaaS platforms.

2. Identity & Access Management for SaaS

• Partner with IT/Platform to standardize SSO/MFA across as many SaaS apps as possible.
• Help design and enforce role-based access control (RBAC) and least privilege for critical applications.
• Support user lifecycle management across SaaS:
• Onboarding/offboarding flows
• Group-based access
• Periodic access reviews and certifications
• Monitor for and reduce “shadow IT” and unmanaged accounts.

3. SaaS Security Monitoring & Incident Response

• Work with SIEM/CASB/SSPM/DLP tools (or equivalent) to:
• Ingest and correlate SaaS audit logs (IdP, CRM, collaboration tools, etc.)
• Tune alerts for suspicious logins, unusual data access, risky configurations, and anomalous behavior.
• Participate in the security incident process for SaaS-related events:
• Triage alerts, validate impact, and coordinate containment with system owners and vendors.
• Document incidents, root causes, and follow-up actions.
• Help implement data protection controls in SaaS:
• DLP policies (e.g., for PII, payment data, other sensitive data)
• Sharing restrictions (public links, external sharing, downloads).

4. Compliance & Audit (SaaS-Focused Controls)

• Own/co-own SaaS-related controls for SOC 2, ISO 27001, and similar frameworks, such as:
• Access control, authentication, and authorization
• Change management and configuration management for SaaS apps
• Logging, monitoring, and incident response
• Vendor management and third-party risk
• Collect and maintain audit-ready evidence:
• Screenshots of configs, exported reports, access review results, SIEM/CASB reports, DLP policies, tickets.
• Support internal and external audits by walking auditors through:
• How our SaaS security controls are designed
• How they operate day-to-day
• How we monitor and improve them.

5. Enablement, Documentation & Process Improvement

• • Create and maintain clear documentation:
    • SaaS security standards and configuration guides
    • Playbooks for onboarding new SaaS apps and integrations
    • Runbooks for common SaaS security tasks and incidents
  • Provide lightweight, targeted guidance to system owners:
    • Here’s how to configure this SaaS app securely
    • Here’s the checklist before you connect a new integration
  • Identify manual or repetitive tasks and suggest opportunities for automation (e.g., scripts, SSPM integrations, workflow tools).