SaaS Security Engineer

Role: SaaS Security Engineer

Location: Boston, MA/Springfield, MA/ NYC

Duration: 8 Months

 W2 Only. No C2C

As a SaaS Security Engineer, you will be responsible for securing the organization’s SaaS ecosystem. Your primary objective will be to assess, implement, and monitor security controls across SaaS platforms such as Microsoft 365, Salesforce, Workday, ServiceNow, and others. You’ll work closely with IT, compliance, DevOps, and business units to ensure proper configurations, data protection, identity integration, and continuous monitoring of SaaS risks.

Key Responsibilities:

• Review, assess and secure SaaS applications based on security best practices and benchmarks (e.g., CIS, NIST).
• Integrate SaaS apps with centralized IAM solutions (e.g., SSO/MFA via Okta, Azure AD).
• Monitor configurations, logs, and user activities using SSPM tools (e.g., AppOmni, Obsidian, Valence).
• Participate in SaaS vendor security reviews and due diligence assessments for new and existing services.
• Implement and maintain security controls for access, sharing, and integrations.
• Support and respond to SaaS-related incidents and perform root cause analysis.
• Collaborate with DevOps and application teams to embed SaaS security in CI/CD pipelines.
• Support audit and compliance efforts by ensuring platforms meet security requirements.
• Provide guidance and training to teams on SaaS Security practices and secure usage.

Required Skills:

• Experience with SaaS platforms (Microsoft 365, Google Workspace, Salesforce, ServiceNow).
• Strong knowledge of identity and access management (IAM, SSO, MFA).
• Understanding of OAuth, SAML, SCIM, and API security.
• Familiarity with DLP, CASB, and SSPM technologies.
• Experience in configuring SaaS audit logs and performing log analysis.
• Ability to write and maintain security runbooks and hardening checklists.

Preferred Skills:

• Experience in automation/scripting (Python, PowerShell).
• Familiarity with MITRE Telecommunication&CK SaaS mappings.
• Exposure to Zero Trust and Secure Access Service Edge (SASE) models.
• Experience with configuration management tools and security compliance frameworks (e.g., SOC 2, ISO 27001).

Preferred Certifications:

• Required (or highly recommended):
• CompTIA Security+
• Microsoft Certified: Security, Compliance, and Identity Fundamentals
• Okta Certified Professional or Administrator
• GIAC Cloud Security Automation (GCSA)
• CCSP (Certified Cloud Security Professional)
• Certified Information Systems Security Professional (CISSP)

EEO: “Mindlance is an Equal Opportunity Employer and does not discriminate in employment on the basis of – Minority/Gender/Disability/Religion/LGBTQI/Age/Veterans.”