BeyondTrust is a place where you can bring your purpose to life through the work that you do, creating a safer world through our cybersecurity SaaS portfolio.
Our culture of flexibility, trust, and continual learning means you will be recognized for your growth, and for the impact you make on our success. You will be surrounded by people who challenge, support, and inspire you to be the best version of yourself.
The Role
We are seeking a SaaS Security Engineer to join our Enterprise Security Engineering team. This role is responsible for securing our SaaS ecosystem by implementing, managing, and optimizing SSPM solutions to reduce risk, enforce security baselines, and maintain compliance across our SaaS applications. The SSPM Engineer will partner closely with IT, Engineering and Compliance teams to ensure SaaS environments remain resilient, compliant, and aligned with best practices.
What You’ll Do
- Architect and lead the enterprise SaaS security strategy, ensuring secure design, deployment, and governance across all SaaS platforms and integrations.
- Define the SaaS security reference architecture and standards that align with corporate cloud, identity, and data protection strategies.
- Drive the implementation of SSPM capabilities to continuously assess, monitor, and harden SaaS applications against configuration drift, identity misuse, and emerging threats.
- Establish centralized visibility and control over sanctioned and unsanctioned SaaS applications, reducing shadow IT risk and improving compliance oversight.
- Integrate SaaS security telemetry and posture insights into broader detection and response ecosystems (SIEM, SOAR, and threat intelligence) to strengthen enterprise defense.
- Partner with IAM and Data Protection teams to enforce secure access models, privileged identity governance, and sensitive data protection across SaaS environments.
- Design automated remediation and policy enforcement workflows that ensure continuous compliance with internal and external frameworks (SOC 2, ISO 27001, NIST, etc.).
- Collaborate with IT, engineering and business stakeholders to embed security-by-design principles into SaaS adoption, procurement, and lifecycle management processes.
- Develop reporting and metrics to communicate SaaS risk posture, maturity progress, and investment priorities.
- Stay at the forefront of SaaS security innovation, evaluating SSPM market trends, threat evolution, and regulatory developments to inform the enterprise roadmap.
What You’ll Bring
- 3–5 years of experience in Cloud Security, SaaS Security and Security Engineering.
- Hands-on experience with SSPM platforms (e.g., Grip, Obsidian, AppOmni, or CrowdStrike Falcon Shield).
- Strong understanding of SaaS application security, authentication (SAML, OIDC, SWA), and identity governance.
- Hands-on experience with API security, OAuth scopes, and securing integrations between SaaS platforms.
- Familiarity with compliance frameworks and SaaS security benchmarks.
- experience with SIEM/SOAR integration and automating response workflows.
- Experience with automation and scripting (Python, PowerShell, or similar).
- Understanding of SaaS vendor risk management and third-party security assessments.
- Strong analytical, troubleshooting, and problem-solving skills.
Nice To Have
- Experience with SaaS Security tools such as CASB, CSPM, or Data Loss Prevention (DLP).
- Background in incident response and forensics within SaaS environments.
- Experience with secure software development lifecycle (SSDLC) and DevSecOps practices for SaaS integrations.
Better Together
Diversity. Inclusion. They’re more than just words for us. They are the guiding values of how we build our teams, cultivate leaders, and create a culture where people feel connected.
We take care of our employees so they can take care of our customers. Customers who come from all walks of life just like us. We hire incredible people from diverse backgrounds because when we are different together, we are stronger together.
About Us
BeyondTrust is the global identity security leader protecting Paths to Privilege™. Our identity-centric approach goes beyond securing privileges and access, empowering organizations with the most effective solution to manage the entire identity attack surface and neutralize threats, whether from external attacks or insiders.
BeyondTrust is leading the charge in transforming identity security to prevent breaches and limit the blast radius of attacks, while creating a superior customer experience and operational efficiencies. We are trusted by 20,000 customers, including 75 of the Fortune 100, and our global ecosystem of partners.
Learn more at www.beyondtrust.com.
#LI-DF1
