Information Security Analyst (SaaS) || Phoenix, AZ (Onsite)

[Sourabh Diwakar]

Job Title: Information Security Analyst (SaaS)

Location: Phoenix, AZ (Onsite)
Employment Type: C2C / Contract

 

Role Overview

We are seeking a highly skilled Information Security Analyst with strong expertise in SaaS environments and cloud security. The ideal candidate will be responsible for assessing third-party SaaS risks, ensuring compliance with financial industry standards, and supporting enterprise cloud security initiatives.

 

Key Responsibilities

• Perform risk assessments on third-party SaaS providers, including:
• Evaluating security evidence
• Interviewing technical teams
• Assessing control design and operating effectiveness
• Analyze user traffic accessing third-party applications to identify and report enterprise security risks
• Monitor industry trends and align security strategies with organizational objectives
• Create and maintain operational documentation and reports for monthly trend analysis and project tracking
• Evaluate SaaS tools and technologies for technical, functional, and financial feasibility
• Collaborate with cross-functional teams to drive timely execution of security initiatives
• Provide security expertise to Cloud Programs, including SaaS and cloud application architecture
• Support continuous improvement of cloud security posture and governance frameworks

 

Required Skills (Must Have)

• Strong understanding of multi-tenant SaaS environments
• Deep knowledge of cloud shared responsibility model (IaaS, PaaS, SaaS)
• Hands-on experience with containerization technologies (Docker, Kubernetes)
• Experience with identity federation protocols (SAML, OIDC)
• Knowledge of data classification and data protection solutions
• Familiarity with financial industry security standards and frameworks:
• FedRAMP
• NIST
• CSA (Cloud Security Alliance)
• PCI-DSS
• Experience in third-party risk management and security assessments
• Strong analytical, troubleshooting, and documentation skills
• Ability to work with both technical and business stakeholders

 

Preferred / Good-to-Have Skills

• Experience with SaaS ERP platforms, especially Oracle Financials Cloud
• Exposure to cloud security architecture programs
• Understanding of enterprise risk management frameworks
• Experience supporting audits and compliance initiatives

 

Nice to Have

• Basic understanding of Java development concepts
• Experience with:
• Java / Spring Framework
• Data Structures & Algorithms
• Git, Mockito
• gRPC / Netty (plus)
• Ability to troubleshoot issues across development and production environments

 

Soft Skills

• Strong communication and stakeholder management skills
• Ability to work independently and in a team environment
• Detail-oriented with strong problem-solving capabilities
• Proactive mindset with the ability to anticipate risks and trends

 

Keywords

SaaS Security, Cloud Security, Third-Party Risk, NIST, FedRAMP, PCI, CSA, Docker, Kubernetes, SAML, OIDC, Data Classification, Oracle Financials Cloud

 

Feel free to let me know if you have any question.