SaaS Security Posture Management (SSPM) Engineer || Onsite - Phoenix, AZ ||

Job Title: SaaS Security Posture Management (SSPM) Engineer

Location: Onsite - Phoenix, AZ

Job Description

We are seeking an experienced SaaS Security Posture Management (SSPM) Engineer to design, implement, and manage SaaS security controls across enterprise SaaS environments. The ideal candidate will have hands-on experience with SSPM platforms, cloud security, automation, and governance to continuously assess and improve SaaS security posture.

Key Responsibilities

SaaS Security Engineering

• Deploy, configure, and manage SaaS Security Posture Management (SSPM) platforms.

• Monitor SaaS applications for configuration drift, excessive permissions, identity risks, and data exposure.

• Establish SaaS security baselines and implement remediation workflows.

• Support SaaS onboarding, governance, and certification processes.

Automation & Integration

• Develop automation workflows integrating SSPM platforms with IAM, SIEM, ticketing, and governance solutions.

• Build dashboards, reporting, and security posture metrics.

• Leverage APIs, Python, PowerShell, Terraform, and Infrastructure-as-Code to automate security operations.

Cloud & SaaS Security

• Secure SaaS integrations across AWS, Azure, Google Cloud Platform (Google Cloud Platform), and Oracle Cloud Infrastructure (OCI).

• Assess identity federation, API security, logging, monitoring, and data protection controls.

• Collaborate with cloud security teams to implement consistent security controls.

Governance & Risk Management

• Perform SaaS security assessments and document findings.

• Develop remediation recommendations and secure-by-design guidance.

• Support security certification, compliance, and risk assessment initiatives.

Required Skills

• 5+ years of experience in Security Engineering, Cloud Security, or SaaS Security

• Hands-on experience with SSPM platforms such as:

  • AppOmni

  • Obsidian

  • Palo Alto SSPM

  • Adaptive Shield

  • Wing Security

  • Valence

  • or similar technologies

• Strong understanding of:

  • SaaS Security

  • Identity & Access Management (IAM)

  • Data Protection

  • API Security

  • Security Monitoring

• Experience with cloud platforms:

  • AWS

  • Microsoft Azure

  • Google Cloud Platform (Google Cloud Platform)

  • Oracle Cloud Infrastructure (OCI)

• Strong scripting and automation skills using:

  • Python

  • PowerShell

  • REST APIs

  • Terraform

  • GitHub

• Experience integrating security tools and automating security workflows.

Preferred Qualifications

• Experience with CASB (Cloud Access Security Broker) solutions

• Familiarity with AI/Generative AI SaaS security risks

• Security certifications such as:

  • CISSP

  • CCSP

  • AWS Certified Security Specialty

  • Google Professional Cloud Security Engineer

  • Microsoft Azure Security Engineer

  • OCI Security Professional

Thanks

Navya