Location: Phoenix, AZ
Salary Compensation: $250K/yr. – $300K/yr.
Email Address: usa@oscartemple.com (Share your Resume to this email with the Job title as subject)
Industry: Financial Services
Summary
The SaaS Security group measures and drives risk reduction across all SaaS applications through partnership and collaboration across Technology Risk and Information Security, as well as multiple Technology teams. The Director SaaS Security will create a new program, leveraging an existing set of policies, standards, processes, and tools/services but aggressively driving coverage and capabilities to address rapid growth across the enterprise. The Director and their team will be accountable for securely enabling the current and future use of SaaS applications
Responsibilities:
- Design and deliver a SaaS Security program created to assess, measure, and secure capabilities across public cloud
- Assess, measure and report against cloud controls, and drive risk reduction guidance across all SaaS products and their hosted cloud environment
- Provide security expertise with regards to common SaaS risks such as data exfiltration, SaaS to SaaS connectivity, and growing integrations with other external products and platforms.
- Collaborate with enterprise architects, SMEs, and product owners to deliver comprehensive security solutions.
- Build security and governance processes integrated across Technology Risk and Information Security to drive reduction of risk for Third Party SaaS offerings.
- Lead or partner with technical partners the technical design and deployment of capabilities for SaaS platforms.
- Support Cloud Security review and assessment of pre-contract M&A Cloud-based companies.
- Identify security and data protection gaps in SaaS applications and build a consistent architecture to adopt across all SaaS.
Qualifications:
- Minimum of 8 years of experience in Information Security roles with demonstrated experience in a manager-level role.
- Experience with Cloud Control Matrix and CIS benchmarks for gap assessment and threat remediation.
- Broad understanding of all Information Security disciplines including Governance, Cyber Threat, Identity and Access, Infrastructure, Endpoint, Vulnerability, Data Protection, Operations, Application, Incident Response.
- Understanding of Information Security technology and platform delivery with experience in planning and execution of SaaS Security projects.
- Understanding of Cloud Fundamentals, including securing public cloud with data protection controls.
- Knowledge of security configuration management, container security, endpoint security and secrets management as they are applied to cloud applications.
- Knowledge of network architecture, proxy infrastructure, and programs to support network access and enablement.
- Experience in creating a robust secure environment for SaaS that adheres to all security policies and standards.
- Ability to assess the impact of security tools to colleagues across different operating systems and SaaS applications.
- Experience with Information Security controls & compliance, including partnering with both internal and external auditors/regulators.
- Demonstrated ability to manage large financial portfolios, specifically managing year-over-year budget for BAU operations, new investments and contract renewals.
- Experience with multiple Information Security domains, such as Infrastructure Vulnerability, Data Loss Prevention, End User Security, Network Security, Internet Security, Identity & Access Management, etc.
Information Security or Cloud Certification preferred – CISSP, CISM, CCSP or similar.