Need : Job Title || Cloud Security Posture Management || Phoenix AZ
Mohd Kaif Malik
Position Summary
Job Description;
SaaS Security Posture Management (SSPM)
Engineer
Role Purpose
The SaaS Security Posture Management (SSPM) Engineer is responsible for designing,
implementing, and operating SaaS security controls and posture management capabilities across
the enterprise SaaS ecosystem. This role combines SaaS security engineering, cloud security,
automation, and governance to continuously identify, assess, and remediate security risks within
SaaS platforms while supporting secure adoption of cloud and AI-enabled services.
Required Experience & Skills
· 5+ years of experience in Security Engineering, Cloud Security, or SaaS Security.
· Hands-on experience with one or more SSPM platforms such as AppOmni, Obsidian,
Palo Alto, Adaptive Shield, Wing Security, Valence, or similar technologies.
· Strong understanding of SaaS security, IAM, Data Protection, API Security, and Security
Monitoring.
· Experience with AWS, GCP, Azure, and/or OCI security concepts and controls.
· Proficiency in Python, PowerShell, APIs, Terraform, GitHub, and automation
frameworks.
· Experience integrating security tooling and building automated workflows.
Preferred Qualifications
· Experience with CASB technologies and SaaS governance programs.
· Familiarity with AI/GenAI-enabled SaaS security risks.
· Relevant certifications such as CISSP, CCSP, AWS Security Specialty, Google
Professional Cloud Security Engineer, Azure Security Engineer, or OCI Security
Professional.
Key Responsibilities
SaaS Security Engineering
· Deploy, configure, and operate SSPM platforms to continuously monitor SaaS security
posture.
· Assess SaaS applications for configuration drift, identity risks, excessive permissions,
data exposure, and third-party application risks.
· Establish and maintain SaaS security baselines and remediation workflows.
· Support SaaS onboarding, certification, and governance processes.
Automation & Integration
· Build automation workflows and integrations between SSPM platforms, IAM, SIEM,
ticketing, and governance systems.
· Develop dashboards, reporting, and metrics to provide visibility into SaaS security
posture and compliance.
· Leverage APIs, scripting, and Infrastructure-as-Code to improve operational efficiency
and security automation.
Cloud & SaaS Security
· Knowledge about SaaS integrations with AWS, Google Cloud Platform (GCP), Microsoft
Azure, and Oracle Cloud Infrastructure (OCI).
· Assess identity federation, API connectivity, data protection, logging, and monitoring
controls across SaaS and cloud environments.
· Partner with cloud security teams to ensure consistent control implementation and risk
management.
Governance & Risk Management
· Document findings, remediation recommendations, and residual risks.
· Contribute to SaaS security standards, control frameworks, and secure-by-design
guidance.
· Support risk assessments, exception reviews, and security certification activities.