Sr. SaaS Application Security Engineer

We're seeking an experienced Security Engineer - SaaS Applications to assess, monitor, and improve the security configuration and risk posture of our SaaS applications. This role will work closely with IT, Security, and Business teams to ensure compliance with security best practices, regulatory requirements, and internal policies. The ideal candidate has a strong understanding of cloud-based SaaS environments, security frameworks, and risk assessment methodologies.

Plan & Design
Build compliance requirements and SaaS Application security baselines, ensuring SaaS applications are implemented to align with requirements. Evaluate new applications to ensure implementation can meet security baselines.  Research options for compliance remediation and coordinate with the Systems Administration team to implement solutions.  Determine risks and remediation options with implemented SaaS applications.  Monitor third-party risk exposure, reviewing vendor security practices, data protection measures, and incident response plans. Influence internal security strategy, to develop and execute security initiatives to meet our objectives, and to define the criteria and measurements that we use to assess our progress. Work with IT and business stakeholders to integrate security controls into SaaS procurement and governance processes. Collaborate and build relationships with multiple teams throughout the organization, including IT, software engineering, and DevOps.
Execute
Document SaaS application configuration settings, integrations, service accounts and take ownership of recertification needs.  Evaluate the security configuration, access controls, and risk posture of SaaS applications used across the organization. Secure single-sign on platforms and enforce strong access controls across SaaS and in-house systems. Implement and maintain continuous monitoring processes to detect misconfigurations, access anomalies, and potential security threats. Perform account lifecycle management auditing tasks and create documentation detailing account lifecycle needs.  Examine all relevant application logs to determine trends and identify incidents or areas for concern.  Validate and maintain incident response plans and processes to address potential threats.  Assist in compliance audits and security certifications by providing necessary documentation and technical insights.
Compile and analyze data for management reporting and metrics. 
Work Location: Singapore-CapitaSky

Experience with SSPM.
3+ years of experience in Identity, authentication, and access management.
3+ years of experience in Saas Application Integration and configuration management.
3+ years of experience in performing SaaS security and configuration assessments.
3+ years of experience in Working knowledge of compliance standards and risk mitigation.
Experience securing key enterprise systems, including e-mail and communications, developer tools, customer relationship management, and back-office functions.
Strong problem-solving abilities.
Experience working with remote, globally distributed teams.
Demonstrated proficiency in working with cross-functional teams, including IT, Security, GRC and other business owners.
Basic scripting skills in Python, PowerShell, or Bash.
Information Security and Cloud-Relevant certifications are preferred.。加分项：