SaaS Security Configuration Engineer

This is a 6 month contract-to-hire and needs to meet Client full-time conversion policies. Those dependent on a work permit sponsor now or anytime in the future (ie H1B, OPT, CPT, etc) do not meet Client requirements for this opening.

**MUST BE HYBRID IN Boston or Springfield, MA or New York, NY

**MUST BE W2; No Corp-to-Corp**

As a SaaS Security Configuration Engineer, you will partner with enterprise SaaS platform owners to ensure SaaS configurations are aligned with Enterprise security, compliance, and business policy requirements as well as Industry best practice and standards. This role includes establishing configuration baselines, change-control, compliance checks, and orchestrating remediation's across platforms.

Key Responsibilities

• Manage SaaS configuration baselines and enforce security/compliance standards.
• Define, implement, and maintain SaaS hardening benchmarks using industry frameworks (e.g., CIS Benchmarks, NIST, SOC2).
• Work with SaaS platform owners to track, audit, and remediate risky configurations.
• Manage configuration changes through established change management processes.
• Coordinate with InfoSec and Compliance teams to ensure SaaS platform posture aligns with regulatory requirements (NYDFS).
• Maintain documentation for SaaS platform setup, integrations, and change logs.
• Support the implementation and management of tools used for SaaS configuration discovery, enforcement, monitoring, and alerting.
• Lead onboarding of new SaaS applications into the security posture management (SSPM) platform.
• Collaborate with application owners and vendors to enforce security requirements and integration best practices.
• Identify misconfigurations, excessive permissions, or shadow IT SaaS usage, and drive remediation.
• Implement automated configuration checks, workflows, and alerts for drift detection.
• Monitor continuous compliance with SaaS security baselines using automated tools (SSPM, CASB, or SIEM integrations).
• Provide configuration insights during SaaS-related security incidents or service disruptions.
• Provide training and support to application owners and administrators on secure configuration.

Required Skills

• Hands on experience with SaaS platform admin consoles and configuration settings.
• Understanding of configuration compliance and change management processes.
• Experience working in ITIL/Change Control environments.
• Excellent documentation and stakeholder management skills.
• Strong analytical and problem-solving skills.
• Excellent communication and stakeholder management skills.
• Ability to work independently and across multifunctional teams.
• Detail-oriented with a focus on process improvement and operational excellence.
• Strong understanding of Identity Access Management
• Cloud Security Configuration Management

Preferred Skills

• Experience in SaaS tenant lifecycle management (onboarding, offboarding, entitlements).
• Working knowledge of enterprise architecture and integration patterns (API, webhooks).
• Scripting for automation of configuration validation and reporting.
• Familiarity with compliance frameworks and mapping SaaS controls accordingly.

Relevant Certifications

• ITIL Foundation Certification

Preferred:

• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• Microsoft 365 Certified: Enterprise Administrator Expert