Vulnerability and Compliance Analyst

  • Springfield, MA
  • Posted 1 day ago | Updated 4 hours ago

Overview

On Site
Full Time

Skills

Mergers and Acquisitions
Vendor Management
Management
Onboarding
Continuous Monitoring
Workflow
Risk Assessment
Delegation
Auditing
Data Security
Incident Management
Legal
Procurement
Inventory
Policy Writing
Communication
Stakeholder Engagement
Regulatory Compliance
SAP GRC
Dashboard
Licensing Management
Artificial Intelligence
Computer Science
Cyber Security
Information Security
CISM
Privacy
IT Governance
Cisco Certifications
Cloud Security
Collaboration
SaaS

Job Details

Vulnerability and Compliance Analyst - Governance Lead
Boston, MA or Springfield, MA
(in any of these offices) - Hybrid position: 3 days in office per week, rest remote
5+ Months Contract (Possible Extension)

Job Details:

The SaaS Governance role focuses on developing and enforcing policies, controls, and metrics for SaaS application usage across the enterprise. This includes inventory, risk classification, vendor management, access governance, usage compliance, and alignment with corporate security and privacy policies.

Key Responsibilities:
Develop and maintain a SaaS governance framework, policies, standards, and control objectives.
Oversee implementation and tuning of SaaS Security tools.
Drive automation of SaaS onboarding, offboarding, and continuous monitoring workflows.
Maintain a centralized inventory of SaaS applications (both shadow IT and sanctioned).
Lead periodic SaaS risk assessments and security reviews.
Ensure SaaS vendor compliance with contractual obligations (e.g., DPAs, SLAs).
Work with procurement and legal to vet new SaaS apps and renewals.
Define metrics and dashboards to track governance posture and exceptions.
Enable a federated governance model via policy-as-code or delegation models.
Advocate for secure SaaS adoption with business stakeholders.
Coordinate audits and collaborate with compliance teams on data protection requirements.
Provide security education and guidance to application owners and end-users.
Support and respond to incident response efforts related to SaaS data breaches or misconfigurations.

Required Skills:
5 - 8 years of experience in cybersecurity with 2+ years focused on SaaS or cloud security.
Strong understanding of SaaS risk, regulatory, and compliance issues.
Ability to collaborate across IT, legal, security, and procurement functions.
Experience with SaaS inventory/discovery tools (e.g., Netskope, Wing, BetterCloud).
Familiarity with SaaS governance frameworks (e.g., NIST, CSA, CIS).
Excellent policy writing, communication, and stakeholder engagement skills.

Preferred Skills:
Experience building or maintaining SaaS Governance Risk and Compliance (GRC) dashboards.
Understanding of SaaS license management and shadow IT discovery.
Knowledge of AI governance in SaaS tools with LLM integration.
Familiarity with data classification and retention policies across SaaS tools.
Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent experience.

Relevant Certifications:
Certified Information Security Manager (CISM)
Certified Information Privacy Professional (CIPP/US or CIPP/E)

Preferred:
Certified in Governance of Enterprise IT (CGEIT)
CCSP or CCSK (Cloud Security Alliance)
SaaS Governance Professional (vendor-specific, if available)
