11 Saas Security Jobs

In the cloud, every second counts. On the leading edge of security, Sysdig stops attacks in real-time by instantly detecting changes in cloud security risk with runtime insights and open source Falco. Trusted by a large enterprise customer base, we are a well-funded startup, passionate open source enthusiasts at heart, and problem-solvers who are building and delivering powerful solutions to secure cloud-native applications. We have an organizational focus on delivering value to customers. We appreciate diverse opinions and open dialogue to spur ideas and we believe in working together to achieve our goals. We're an international company that understands how to cultivate an inclusive environment across all teams. And we're a great place to work too - we've been named a "Best Places to Work" by Inc, the San Francisco Business Time, and Built In, with recognitions ranging from "Best Benefits" to a "Best Company for Happiness". We are looking for driven team members who want to join us on our mission to lead cloud security globally. Does this sound like the right place for you Reporting to our Regional Sales Director, you will implement sales plans for your assigned territory by forecasting and exceeding quota. Through a combination of inbound and outbound leads, you will manage a high-velocity, SaaS funnel. You will manage and track opportunities through CRM and other supporting tools. You will collaborate on and improve the sales cycle, including product, support, and sales engineering. You will work with and promote the Partner ecosystem. Convey Sysdig key value drivers and differentiators to prospects and customers. Understand the competitive market, being familiar with competing companies and their offerings. What you will bring with you: - 7+ years of IT Enterprise Sales experience, with a strong focus on security-related deals including SaaS security, cloud security, Kubernetes/containers, open source, and APM. - Track record of overachieving sales targets. - Ability to learn new products and processes quickly. - Experience with Salesforce and Clari Competitive/Driven Excellent communication skills verbal and written, team player. - Must be willing to travel to clients to support sales relationships if required. - Entrepreneurial - Willing to go the extra mile, strong work ethic, resourceful, "get it done" attitude. - Ability to work with multiple sources of pipelines, including LDR, SDR, ISR, and Channels. - Ability to cross-collaborate with Marketing, Customer Success, and other business units as needed. - Ability to bring a C-level network to the table and have C-level conversations (CISO). What we look for: - SaaS sales experience. - Track records of hunting new business opportunities in greenfield territories. - MEDDPICC experience and Challenger sales experience. When you join Sysdig, you can expect: - Extra days off to prioritize your well-being. - Mental health support for you and your family through the Modern Health app. - Great compensation package. We would love for you to join us! Please reach out even if your experience doesn't perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different. Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated.,

The company Ushur delivers the world's first Customer Experience Automation platform tailored for regulated industries. Ushur's focus is on providing ideal self-service experiences by infusing intelligence into digital interactions, resulting in delightful and impactful customer engagements. With a compliance-ready infrastructure, Ushur specializes in creating vertical AI Agents for healthcare, financial services, and insurance sectors. As the GRC Lead at Ushur, you will collaborate with the GRC Director to execute GRC initiatives and strategies. Your primary responsibilities will include implementing processes to uphold protection, compliance, and certifications within the organization. You will work towards acquiring new certifications, supporting audits, and ensuring ongoing compliance. This role will require close collaboration with various teams, offering guidance to product management, customer success, system architects, engineering, and quality assurance teams. Key Responsibilities: - Implementing the GRC charter to enhance the overall security and compliance posture of the organization. - Collaborating with external security consultants to develop a security-conscious mindset within the teams. - Supporting and adhering to regulations such as CCPA, GDPR, HIPAA, HITRUST, etc. - Assisting in certification and compliance audit activities like SOC2, HITRUST, ISO 27001, and PCI-DSS. - Contributing to product and corporate security hygiene. - Establishing policies, procedures, and guidelines. - Serving as a subject matter expert in security and GRC practices. - Continuously improving GRC processes in alignment with stakeholders and existing tools. Qualifications: - 8-10 years of IT experience with a minimum of 3 years in security/GRC. - Proficiency in Cloud Concepts, Cloud Security, and SaaS Security. - Experience in an AWS cloud environment is essential. - Ability to draft policies, procedures, and reports. - Familiarity with Security Operations is advantageous. - Hands-on experience in compliance tasks, assessments, risk management, and audits. - Knowledge of organization accreditations/certifications like SOC2, ISO 27001, PCI DSS. - Understanding of frameworks, regulations, standards, and best practices such as NIST CSF, CSA, CIS, HITRUST. - Prior exposure to GRC tools is a plus. - Skills in DevSecOps/DevOps, security testing, vulnerability management, data security, incident response, etc. - Awareness of industry regulations on security and privacy like GDPR, CCPA, DPDP. Join Us for: - Thriving Company Culture that values respect, inclusion, and collaboration. - Diversity and inclusivity in an innovative and supportive environment. - Work-life balance with flexible paid time off and wellness initiatives. - Comprehensive Health Benefits including medical insurance and wellness programs. - Competitive compensation, stock options, and growth opportunities. - Emphasis on lifelong learning with certification courses and professional development support. - Flexible Work Options to support collaboration and personal well-being, either in-office or hybrid model.,

Are you ready to power the World's connections If you don't think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we're looking for candidates that are particularly strong in a few areas, and have some interest and capabilities in others. Kong is establishing a global Customer Assurance team that will play an important role in helping Kong gain and keep the trust of its customers around the world with respect to its information security, operational resilience, and data governance practices. Reporting to Kong's US-based Director, GRC, the Customer Assurance Senior Manager will be the first hire into this India-based team and will play an important role in helping build the team. **What you'll be doing:** - **Manage Customer Assurance:** Oversee customer assurance initiatives, focusing on completing customer security questionnaires, RFP security sections, certification documentation sharing, and other due diligence requests to build trust in Kong's product and service security. Lead the customer assurance team and communicate program issues to leadership as needed. Ensure a deep understanding of the product and maintain a well-organized library of resources. - **Coordinate Cross-Functional Responses:** Serve as the primary point of contact for customer security and compliance inquiries. Collaborate with internal teams (Compliance, Security, Engineering, Legal, etc.) to gather necessary information and provide thorough, prompt, and accurate responses to customer questionnaires and inquiries. - **Develop Scalable Processes:** Create and refine processes to efficiently handle questionnaire completion and information security inquiry responses. Maintain a repository of standard answers, templates, and documentation to enhance efficiency and consistency. Leverage tools or automation to manage repetitive questionnaire content. - **Proactive Customer Assurance:** Produce and maintain customer-facing security documentation and collateral (such as FAQ and trust portal content). Anticipate and address common customer questions proactively to build trust. - **Cross-Department Collaboration:** Work closely with global Sales and Customer Success teams during pre-sales and renewal cycles to address security and compliance questions. Attend customer calls as the company's Customer Assurance representative, providing clear explanations of our security posture and practices to shorten sales cycles and reassure customers. - **Program Monitoring and Improvement:** Track and report on customer assurance activities and metrics (such as questionnaire turnaround times, common security concerns, and customer feedback). Use these insights to continuously improve the customer assurance program, streamlining workflows, enhancing answer quality, and maintaining thorough and timely communication. **What you'll bring:** - **Experience:** Over 5 years of experience in information security or compliance, with substantial involvement in security assurance or GRC programs. At least 1 year of experience in a customer-facing role, such as responding to client security questionnaires or participating in trust-building activities. Total professional experience is less than 15 years. - **Security Knowledge:** Understanding of security and compliance frameworks/standards (such as SOC 2, ISO 27001, NIST, GDPR, CCPA). Working knowledge of cloud security principles and IT controls related to SaaS environments. - **Technical Skills:** Expertise with cloud platforms such as GCP, Azure, or AWS, as well as containerization technologies like Docker and Kubernetes. Strong background in SaaS security. - **Non-Technical Skills:** Experienced in creating clear and accessible documentation that explains complex technical scenarios to non-technical audiences. - **Process Management:** Ability to manage multiple requests simultaneously and meet deadlines. Experience maturing customer assurance processes, such as implementing tools for security questionnaire automation or knowledge bases. Experience developing or improving processes to increase efficiency is a plus. - **Communication Skills:** Ability to translate complex security concepts into clear, customer-friendly written and verbal communication. Comfortable interacting with enterprise customers and internal stakeholders. - **Collaboration:** Ability to collaborate effectively with diverse groups (engineering, legal, sales, etc.) through proactive and customer-service-focused approaches. - **Education:** Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent work experience). This opportunity requires you to work from our office in Bangalore, India in a hybrid manner with three days in the office and two days working from home. **Preferred Qualifications:** - **Certifications:** Professional certifications such as CISSP or CISA (preferred but not required). - **SaaS/Industry Experience:** Experience working in a SaaS company, especially in cloud services or API management. About Kong: Kong Inc., a leading developer of cloud API technologies, is on a mission to enable companies around the world to become API-first and securely accelerate AI adoption. Kong helps organizations globally from startups to Fortune 500 enterprises unleash developer productivity, build securely, and accelerate time to market. For more information about Kong, please visit www.konghq.com or follow us on X @thekonginc.,

As a Principal Engineer in Security & Cloud Engineering at our company, you will be responsible for leading the efforts to enhance security measures and cloud engineering practices for our enterprise Java product. Your role will involve overseeing both On-Prem and SaaS deployments, implementing secure SDLC practices, driving DevSecOps automation, ensuring container security, and strengthening platform integrity. You will collaborate closely with engineering, DevOps, QA, and compliance teams to safeguard our product and infrastructure against vulnerabilities and maintain compliance standards. Your responsibilities will include leading secure coding practices, integrating various security testing tools into the development lifecycle, conducting threat modeling, assessing security risks, guiding teams on secure implementation patterns, and ensuring secure cloud and container deployments. Additionally, you will be involved in automating security checks in CI/CD pipelines, promoting Infrastructure as Code (IaC) security, defining security standards aligned with industry best practices, mentoring engineers on secure practices, and collaborating with product owners and engineering managers to drive secure feature development. To qualify for this role, you should have over 12 years of experience in application security, DevSecOps, or cloud security within enterprise Java environments, a strong understanding of penetration testing and security analysis tools, expertise in secure coding and vulnerability assessment, hands-on experience with Docker, Kubernetes, and cloud-native security tools, familiarity with SaaS security concerns, and experience integrating security into CI/CD pipelines using GitOps principles. Preferred qualifications include certifications such as OSCP, CEH, CISSP, or CKS, prior experience with security automation and container scanning platforms, knowledge of threat modeling frameworks, and exposure to Gen AI tools for secure code analysis. In return, we offer you the opportunity to influence product direction and architecture, work in a collaborative and learning-focused environment, access modern tools and Gen AI platforms, a competitive salary with performance bonuses, health insurance, and a hybrid work model. Join us at Quest, where your passion for technology and dedication to innovation can thrive. Find out more about us and our career opportunities at Quest Careers | Where next meets now.,

About Netskope Today, there&aposs more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network and Data Security. Since 2012, we have built the market-leading cloud security company and an award-winning culture powered by hundreds of employees spread across offices in Santa Clara, St. Louis, Bangalore, London, Paris, Melbourne, Taipei, and Tokyo. Our core values are openness, honesty, and transparency, and we purposely developed our open desk layouts and large meeting spaces to support and promote partnerships, collaboration, and teamwork. From catered lunches and office celebrations to employee recognition events and social professional groups such as the Awesome Women of Netskope (AWON), we strive to keep work fun, supportive and interactive. Visit us at Netskope Careers. Please follow us on LinkedIn and Twitter@Netskope. About The Role Today, theres more data and users outside the enterprise than inside, causing the network perimeter as we know it to dissolve. We realized a new perimeter was needed, one that is built in the cloud and follows and protects data wherever it goes, so we started Netskope to redefine Cloud, Network, and Data Security. Within Netskope Engineering, we have invented a Next Generation SaaS Security Posture Management (SSPM) tool that gives enterprises workload and compliance visibility to protect critical data within their numerous Software-as-a-Service deployments. The research team for this product works as content producers, pathfinders and minesweepers. The researcher&aposs duties are to discover the best solutions to the problems our customers are facing before they know they have them and to find flaws in our design choices before we engineer them. For this mission, we are looking for new security researchers to design new security-focused application integrations and develop new content for the platform. Whats In It For You We believe Netskopes SSPM team is the best place for you to work if you seek: An opportunity to shape the design of a novel product and have a significant role on the impact it makes in the enterprise security domain. To solve intellectually rewarding problems with a meaningful purpose. A position with high agency and trust on how you choose to work. An amazing work environment, competitive compensation, benefits and great perks. The rest of the great reasons to join Netskope as described in https://www.netskope.com/company/careers What You Will Be Doing Some examples of the problems the team needs to solve could include: Implement security and compliance content to the product. Help make the correct security configuration decisions on behalf of our customers. Investigate SaaS design and data models and translate them to security graphs consumed by the SPM product. Study API design, hardening manuals and security best practices to discover the essential security caveats of the target applications. Find novel solutions to provide visibility, security, compliance and remediation tools for enterprise SaaS application environments. Explore different threat vectors for cloud services. Support multiple stakeholders such as engineering, research, product management, customer success, and customer support teams as a domain expert. Public writing and presentation opportunities, such as publishing articles, blogs or papers in relevant conferences. Mentor, coach and lead a team of researchers to write detections that are of high quality. Required Skills And Experience A decent understanding of Information Security. SaaS specific security experience preferable. At least 4 - 6 years of experience in security domain (any of CSPM, DSPM, ASPM or the like) Experience from security analysis work, enterprise SaaS deployment hardening duties or from security content development. Proficient enough in scripting language ( Python, Shell ) of ones choice to be able to solve technical problems with code. Experience with public cloud security and other security solutions is an asset. Experience on novel product development, API-based automation and programming are great merits as well. Experience working with common database and search technologies such as SQL Experience working with big data frameworks such as Spark or BigQuery Additional Skills To perform this duty successfully, a candidate ideally has the following non-technical skills: Great written and verbal communication skills. Fast learning skills, intuitiveness and creativity. Comfortable working in unknown domains. Be opinionated and not afraid of expressing oneself. Precise, careful and detail oriented. Ability to work in a geo-distributed cross-functional group in asynchronous fashion. Education BSCS or equivalent required, MSCS or equivalent strongly preferred Netskope is committed to implementing equal employment opportunities for all employees and applicants for employment. Netskope does not discriminate in employment opportunities or practices based on religion, race, color, sex, marital or veteran statues, age, national origin, ancestry, physical or mental disability, medical condition, sexual orientation, gender identity/expression, genetic information, pregnancy (including childbirth, lactation and related medical conditions), or any other characteristic protected by the laws or regulations of any jurisdiction in which we operate. Netskope respects your privacy and is committed to protecting the personal information you share with us, please refer to Netskope&aposs Privacy Policy for more details. Show more Show less

In the cloud, every second counts. On the leading edge of security, Sysdig stops attacks in real-time by instantly detecting changes in cloud security risk with runtime insights and open source Falco. Trusted by a large enterprise customer base, we are a well-funded startup, passionate open source enthusiasts at heart, and problem-solvers who are building and delivering powerful solutions to secure cloud-native applications. We have an organizational focus on delivering value to customers. We appreciate diverse opinions and open dialogue to spur ideas. We believe in working together to achieve our goals, and we pride ourselves on a work culture. We&aposre an international company that understands how to cultivate an inclusive environment across all teams. And we&aposre a great place to work too - we&aposve been named a "Best Places to Work" by Inc, the San Francisco Business Time, and Built In, with recognitions ranging from "Best Benefits" to a "Best Company for Happiness". We are looking for driven team members who want to join us on our mission to lead cloud security globally. Does this sound like the right place for you What You Will Do Reporting to our Regional Sales Director you will implement sales plans for your assigned territory by forecasting and exceeding quota Through a combination of inbound and outbound leads, you will manage a high-velocity, SaaS funnel You will manage opportunities through CRM and other supporting tools You will collaborate on and improve the sales cycle, including product, support, and sales engineering You will work with and promote Partner ecosystem Convey Sysdig main value drivers and differentiators to prospects and customers Understand the competitive market, being familiar with competing companies and their offerings What You Will Bring With You 7+ years of IT Enterprise Sales experience, with a focus on security-related deals including SaaS security, cloud security, Kubernetes/containers, open source, and APM Track record overachieving sales targets Ability to learn new products and processes quickly Experience with Salesforce and Clari Competitive/Driven Excellent communication skills verbal and written, team player Must be willing to travel to clients to support sales relationships (if required) Entrepreneurial Willing to go the extra mile, strong work ethic, resourceful, "get it done" attitude Ability to work with multiple sources of pipelines, including LDR, SDR, ISR and Channels Ability to cross collaborate with Marketing, Customer Success and other business units as needed Ability to bring a C level network to the table and have C level conversations What We Look For SaaS sales experience Track records of hunting new business opportunities in greenfield territories MEDDPICC experience and Challenger sales experience When You Join Sysdig, You Can Expect Extra days off to prioritize your well-being Mental health support for you and your family through the Modern Health app Great compensation package We would love for you to join us! Please reach out even if your experience doesn&apost perfectly match the job description. We can always explore other options after starting the conversation. Your background and passion will set you apart, especially if your career path is different. Some of our Hiring Managers are globally distributed, an English version of your CV will be appreciated. Sysdig values a diverse workplace and encourages women, people of color, LGBTQIA+ individuals, people with disabilities, members of ethnic minorities, foreign-born residents, and veterans to apply. Sysdig is an equal-opportunity employer. Sysdig does not discriminate on the basis of race, color, religion, sex, national origin, age, disability, genetic information, sexual orientation, gender identity, or any other legally protected status. MC1 Show more Show less

Are you ready to power the world's connections If you don't think you meet all of the criteria below but are still interested in the job, please apply. Nobody checks every box - we're looking for candidates that are particularly strong in a few areas and have some interest and capabilities in others. Kong is establishing a global Customer Assurance team that will play an important role in helping Kong gain and keep the trust of its customers around the world with respect to its information security, operational resilience, and data governance practices. Reporting to Kong's US-based Director, GRC, the Customer Assurance Senior Manager will be the first hire into this India-based team and will play an important role in helping build the team. Manage Customer Assurance: Oversee customer assurance initiatives, focusing on completing customer security questionnaires, RFP security sections, certification documentation sharing, and other due diligence requests to build trust in Kong's product and service security. Lead the customer assurance team and communicate program issues to leadership as needed. Ensure a deep understanding of the product and maintain a well-organized library of resources. Coordinate Cross-Functional Responses: Serve as the primary point of contact for customer security and compliance inquiries. Collaborate with internal teams (Compliance, Security, Engineering, Legal, etc.) to gather necessary information and provide thorough, prompt, and accurate responses to customer questionnaires and inquiries. Develop Scalable Processes: Create and refine processes to efficiently handle questionnaire completion and information security inquiry responses. Maintain a repository of standard answers, templates, and documentation to enhance efficiency and consistency. Leverage tools or automation to manage repetitive questionnaire content. Proactive Customer Assurance: Produce and maintain customer-facing security documentation and collateral (such as FAQ and trust portal content). Anticipate and address common customer questions proactively to build trust. Cross-Department Collaboration: Work closely with global Sales and Customer Success teams during pre-sales and renewal cycles to address security and compliance questions. Attend customer calls as the company's Customer Assurance representative, providing clear explanations of our security posture and practices to shorten sales cycles and reassure customers. Program Monitoring and Improvement: Track and report on customer assurance activities and metrics (such as questionnaire turnaround times, common security concerns, and customer feedback). Use these insights to continuously improve the customer assurance program, streamlining workflows, enhancing answer quality, and maintaining thorough and timely communication. What you'll bring: Experience: Over 5 years of experience in information security or compliance, with substantial involvement in security assurance or GRC programs. At least 1 year of experience in a customer-facing role, such as responding to client security questionnaires or participating in trust-building activities. Total professional experience is less than 15 years. Security Knowledge: Understanding of security and compliance frameworks/standards (such as SOC 2, ISO 27001, NIST, GDPR, CCPA). Working knowledge of cloud security principles and IT controls related to SaaS environments. Technical Skills: Expertise with cloud platforms such as GCP, Azure, or AWS, as well as containerization technologies like Docker and Kubernetes. Strong background in SaaS security. Non-Technical Skills: Experienced in creating clear and accessible documentation that explains complex technical scenarios to non-technical audiences. Process Management: Ability to manage multiple requests simultaneously and meet deadlines. Experience maturing customer assurance processes, such as implementing tools for security questionnaire automation or knowledge bases. Experience developing or improving processes to increase efficiency is a plus. Communication Skills: Ability to translate complex security concepts into clear, customer-friendly written and verbal communication. Comfortable interacting with enterprise customers and internal stakeholders. Collaboration: Ability to collaborate effectively with diverse groups (engineering, legal, sales, etc.) through proactive and customer-service-focused approaches. Education: Bachelor's degree in Information Security, Computer Science, or a related field (or equivalent work experience). This opportunity requires you to work from our office in Bangalore, India in a hybrid manner with three days in the office and two days working from home. Preferred Qualifications: Certifications: Professional certifications such as CISSP or CISA (preferred but not required). SaaS/Industry Experience: Experience working in a SaaS company, especially in cloud services or API management. About Kong: Kong Inc., a leading developer of cloud API technologies, is on a mission to enable companies around the world to become API-first and securely accelerate AI adoption. Kong helps organizations globally - from startups to Fortune 500 enterprises - unleash developer productivity, build securely, and accelerate time to market. For more information about Kong, please visit www.konghq.com or follow us on X @thekonginc.,

You will be responsible for developing, communicating, and embedding security strategies within the organization. These strategies should be designed at different levels within the organization, such as business unit level, functional level, or operational level. Your experience in any of these levels will be considered valuable. Your role will involve utilizing transferable skills that can be applied to Enterprise Security Architecture. These skills include horizon scanning & research, aligning security with business & technology goals, developing security architecture guidance & designs, providing security architecture services, sitting on / or chairing governance committees, data-driven reporting to C-suite level and heads of business units. Ideally, you should have experience working as an Enterprise Security Architect, Infrastructure/Solution Architect, or Security Architect/Consultant. Hands-on experience and knowledge in securing digital products/solutions in the Cloud (e.g. AWS, Azure, and Google) will be a significant asset for this role. A good understanding of Cloud, Application, and SaaS security concepts, best practices, and industry standards is essential for success in this position.,

As a Deputy Director with over 13 years of experience in the IT industry, including 5 years of specialized expertise in Cloud Security and a thorough understanding of the SAFE Agile framework, you will play a crucial role in ensuring the security of our cloud infrastructure. Your responsibilities will encompass driving excellence in security engineering processes, managing SIEM technologies, and actively participating in the SAFE Agile transformation of our IT operations. This role demands a blend of robust technical skills, effective leadership qualities, and a comprehensive grasp of security principles and best practices. In the domain of Cloud Security Engineering, you will be tasked with designing, implementing, and overseeing cloud security architecture across major platforms such as AWS, Azure, and Google Cloud. Your role will involve leading the establishment of secure cloud environments in compliance with industry regulations like GDPR, HIPAA, and NIST. Additionally, you will be responsible for identifying and mitigating security vulnerabilities, deploying cloud-native security tools, defining security policies and compliance rules, and implementing Role-Based Access Control (RBAC), SSO, and API security measures. Your role also entails ensuring the excellence of security engineering practices within the organization. You will lead incident response and remediation efforts, collaborate with DevOps teams to bolster secure pipelines and code practices, and set Key Performance Indicators (KPIs) for security metrics. Furthermore, you will actively drive the SAFE Agile transformation process for IT security teams, ensuring security alignment with Agile principles and facilitating security integration in all development phases. In terms of collaboration and strategy, you will work closely with IT leadership to define and execute a comprehensive security strategy aligned with business objectives. You will also mentor junior security engineers, promote knowledge-sharing practices, and engage in continuous learning to stay abreast of the latest trends and best practices in cloud security, IT security, and Agile methodologies. To qualify for this role, you should possess a minimum of 13 years of IT experience, with at least 5 years dedicated to Cloud Security engineering. Additionally, experience in SAFE Agile processes and implementations, proficiency in cloud platforms and associated security services, and relevant certifications such as CISSP, AWS Certified Security Specialty, and Certified SAFe Program Consultant (SPC) will be advantageous. Strong leadership, communication, and mentoring skills are essential attributes for this role. Join us in our mission to uphold the security of our cloud infrastructure, drive security excellence, and champion Agile transformation within our IT operations.,

Keywords: Cloud Security, Kubernetes Security, SaaS Security, DevSecOps, Infrastructure as Code, CI/CD Security, CSPM, Zero Trust, Cloud-Native Security, Identity and Access Management (IAM), Secrets Management, Threat Modeling, Risk Assessment, Secure SDLC, GitOps, API Security, Container Security Role Overview: Were looking for a Cloud-Native Security Lead to drive the security strategy across our modern cloud-native stack. This role calls for a thoughtful and pragmatic engineer, someone who understands the business context, evaluates trade-offs, and proposes secure, scalable solutions. You should be comfortable navigating ambiguity, using vendor guidance as one input, not the only one, and making decisions grounded in real-world needs. Key Responsibilities: Own and evolve the cloud-native security architecture across Kubernetes, APIs, CI/CD, and serverless platforms Define and implement practical security policies, standards, and controls Partner with engineering and DevOps to embed security early in the SDLC and infrastructure as code Evaluate and integrate security tools (e.g., SAST, DAST, CSPM, secrets management, container scanning) Lead risk assessments, threat modeling, and incident response planning Promote zero-trust principles, IAM best practices, and secure service-to-service communication Mentor teams and advocate for secure-by-design thinking across the organization Ensure security measures align with the pace and priorities of a fast-moving SaaS business Required Qualifications: 7+ years of security experience, including 23 years in cloud-native environments Strong background in SaaS security, with understanding of multitenancy, data isolation, and platform risks Deep knowledge of Kubernetes, containers, cloud platforms (AWS/GCP/Azure), and DevSecOps practices Experience with infrastructure as code (Terraform, CloudFormation), CI/CD pipelines, and GitOps Strong problem-solving skills and ability to weigh business context in security decisions Excellent communication and cross-functional collaboration skills

As a Senior Cyber Security Analyst at Worley, you will have the opportunity to work alongside a collaborative and inclusive team to deliver projects for clients while enhancing your skills and expertise in the field. Worley is a global professional services company specializing in energy, chemicals, and resources, committed to sustainable energy solutions and providing essential resources to society. The ideal candidate for this role will be a Subject Matter Expert (SME) in Cyber Security, particularly focusing on Data Loss Prevention (DLP). You will be responsible for designing, implementing, monitoring, and reporting on information security events within the DLP scope. Your role will involve managing security tools and IT systems with a specific emphasis on DLP enablement. Key responsibilities of the role include: - Designing, implementing, and optimizing DLP policies to prevent unauthorized access and data exfiltration. - Serving as an SME for DLP solutions, technologies, and best practices. - Monitoring, analyzing, and responding to DLP alerts and incidents to enhance detection accuracy. - Ensuring compliance with data protection regulations and collaborating with cross-functional teams. To excel in this role, you should possess the following attributes: - Ability to balance security measures with business needs. - Proactive approach to identifying and mitigating data loss risks. - Proficiency in DLP solutions such as Microsoft Purview, Symantec, Forcepoint, etc. - Strong knowledge of DLP policies, content inspection techniques, and data classification models. - Experience with cloud-based DLP solutions and understanding of network security and encryption techniques. At Worley, we foster a values-inspired culture that encourages belonging, connection, and innovation. We are committed to creating a diverse, inclusive, and respectful workplace where everyone can thrive and contribute to sustainable change. Join us to explore diverse opportunities, broaden your horizons, and drive impactful transformation in the energy sector. Please note that Worley takes data protection seriously and complies with EU and local data protection laws. If you are interested in this role, please apply directly to Worley as applications through recruitment agencies will not be considered.,