Job
Description
Design and implementing, managing, and monitoring security measures to protect our SaaS applications and the data of our customers. You will work closely with cross-functional teams to ensure our cloud security practices meet industry standards and comply with relevant regulations. As a SAAS Security Specialist, the individual will be a member of the Global Information Security team ensuring that Invesco s landscape is secure. You Will Be Responsible For: Develop and implement security strategies, policies, and procedures for SaaS applications. Security Posture Management: Implement and manage security posture management solutions using Adaptive Shield to continuously assess and improve the security of our SaaS applications. SaaS Application Onboarding: Lead the onboarding process for new SaaS applications, ensuring they meet security standards using MDCA and CrowdStrike Adaptive Shield. User Access Management: Implement and manage user access controls within SaaS applications using MDCA and Adaptive Shield. Data Encryption: Ensure data encryption standards are met across all SaaS applications. Vulnerability Management: Conduct regular vulnerability assessments and penetration testing using MDCA and Adaptive Shield to identify and mitigate security risks. Secure Development Practices: Collaborate with development teams to integrate security best practices into the software development lifecycle, ensuring secure-by-default solutions. Risk Assessment: Conduct regular security assessments and threat modeling to identify and mitigate potential risks in SaaS applications Monitor and respond to security incidents, vulnerabilities, and threats in the cloud environment. Defining technical security requirements related to cloud workloads that require integration with IAM, Security Groups, Data and Information Protection, CI/CD pipelines, Kubernetes, Security Information Event Monitoring (SIEM) systems integration, and others Researching and designing current and future cloud security solutions to improve compliance with NIST Framework and Cloud Security Alliance guidance by working to identify common patterns for template provisioning Developing and deploying infrastructure as a code scripts to implement and optimize security controls and mechanisms of a cloud infrastructure Supporting cloud projects, tactical initiatives and provide hands on implementation of various security technologies & processes with focus on cloud security. Support key business and tech projects related to Cloud Transformation. Providing appropriate support activities such as patches, upgrades, break fix and improvements Providing appropriate cloud security engineering and support activities such as patches, upgrades, enhancements Providing metrics and periodic updates on various projects assigned Investigating, documenting, and reporting on information security issues and emerging trends related to cloud environments globally Optimize existing automation solutions for performance and reliability. Staying updated with the latest technologies and tools in automation and continuously improving skills. Other Attend scheduled meetings with Team Lead/Department/Town Hall representation Become familiar with company methodologies Actively participate with Team Lead in creating personal development plan Provide the Team Lead with ideas to enhance or improve team processes and procedures and ensure agreed procedures are followed Attend scheduled training sessions Administrative activities - time sheets/compliance requests Work Experience / Knowledge: 5 - 8 years experience in an information security role, supporting SAAS Applications security programs and security engineering/architecture in complex enterprise environments Minimum of 7 years of experience in SaaS security, with hands-on experience using MDCA and Adaptive Shield. hands-on experience designing, configuring, and implementing enterprise-wide Cloud security solutions across AWS, Azure, Oracle and other major cloud providers, including microservices security Experience with cloud deployment orchestration, automation, and security configuration management Proficiency in one or more scripting languages such as Python and Powershell, including JSON Experience with blueprints, patterns, and guidelines that standardize and accelerate organizational cloud adoption and align to industry compliance frameworks such as SOX, PCI-DSS, HIPPA, NIST, ISO, GDPR, SOC1/2, etc. Knowledge of various security methodologies and processes, and technical security solutions, such as Prisma Cloud, Wiz, Container security, McAfee CASB, SIEM (Qradar/Splunk), IAM, Virtual Palo Alto, and other workload protection and security solutions Inter-personal skills / Other attributes required: Strong problem-solving capabilities with an analytical, methodical approach Excellent verbal and written communication skills, including impressive email communication abilities. Can articulate complex technical issues in a manner understandable to non-technical individuals. Adaptable to working in a global, multicultural environment. Exhibits a structured, disciplined approach to work with keen attention to detail. Displays disciplined time management skills. Capable of multitasking and handling multiple initiatives concurrently. Self-motivated and proficient in working with minimal supervision. Responds positively under pressure to meet tight deadlines. Can work effectively both independently and as a collaborative team player. Thrives on challenging work and exhibits a strong desire to learn and advance. Formal Education: BTech in Computer Science or Bachelors degree in Computer Science Our benefit policy includes but not limited to: Competitive Compensation Flexible, Hybrid Work 30 days Annual Leave + Public Holidays Life Insurance Retirement Planning Group Personal Accident Insurance Medical Insurance for Employee and Family Annual Health Check-up 26 weeks Maternity Leave Paternal Leave Adoption Leave Near site Childcare Facility Employee Assistance Program Study Support Employee Stock Purchase Plan ESG Commitments and Goals Business Resource Groups Career Development Programs Mentoring Programs Invesco Cares Dress for your Day
