Senior SaaS Security Engineer
Remote - United States
Applications have closed
Ginger
Headspace can support any team, of any size, at any time through EAP, coaching, therapy, psychiatry services, meditation & mindfulness.
Headspace and Ginger have recently merged to become Headspace Health! While roles are still being recruited separately on our respective websites, new hires from this point forward will be joining Headspace Health. For more information, please speak with your recruiter!
About the Senior SaaS Security Engineer at Headspace Health:
The Senior SaaS Security Engineer will be a key member of the technical team responsible for assessing and securing the SaaS services used by our global organization. You will improve the review processes for SaaS products and infrastructure to enumerate relevant security concerns. You will design solutions and work hands-on to implement tooling/configurations that mitigate associated risk as applicable. You will regularly work with both technical and non-technical teams across the organization to identify the needs of stakeholders. You use your industry experience to own and drive the resolution of complex security incidents, policy questions and technical security issues.
Beyond the methodologies and tools, it is important for you to drive a culture of security and develop an attacker's mind-set. You will work with a diverse team of talented leaders and contributors who all are working collaboratively to realize our vision of improving the health and happiness of the world.
How your skills and passion will come to life at Headspace Health:
- Interact with technology teams, stakeholders, and SaaS providers to ensure appropriate security capabilities and controls are implemented.
- Provide oversight and reviews of SaaS solutions via repeatable processes to ensure security best practices are configured and enforced (IAM, Config Hardening, Key Rotations, etc.).
- Implement processes, detection mechanisms and/or guardrails to detect and resolve insecure SaaS configurations.
- Implement required configurations and additional security tooling to appropriately mitigate risk.
- Create and maintain documentation for related security standards and processes.
- Act as a key member for incident investigation activities.
- Continuously research, design, advocate and recommend new security technologies, architectures, and products that will ensure compliance requirements are met and risk is appropriately mitigated.
- Develop the ability to effectively navigate a highly complex environment to independently retrieve technical evidence for gaining assurance over effectiveness of controls.
What you’ve accomplished:
- 5+ years of work experience in SaaS security, security architecture and/or cloud security.
- Experience evaluating system design, with knowledge of security assessment processes and design reviews.
- Experience with SSPM (SaaS Security Posture Management), configuration management, logging and monitoring, and IAM.
- Knowledge of least privilege, Single Sign-On, zero trust network principles, secure access service edge, data loss prevention, CASB or similar technologies.
- Experience with Python, TypeScript, etc.
- Strong written and verbal communication skills. Ability to influence and collaborate at every level.
- Ability to efficiently handle ambiguity and appropriately prioritize competing projects.
- Ability to work autonomously on multiple projects with a geographically distributed team.
- Familiarity with one or more industry security compliance frameworks and/or regulations such as ISO 27001/2, PCI-DSS, HIPAA, FedRAMP, CIS, HITRUST, SOC 2, NIST 800-53, etc. are a plus
- Certifications from organizations such as ISC2, GIAC, etc. are a plus
How to get started:
If you’re excited by the idea of seeing yourself in this role at Headspace Health, please apply with your resume and a cover letter that best expresses your interest and unique qualifications.
How we feel about Diversity & Inclusion:
Headspace Health is committed to bringing together humans from different backgrounds and perspectives, providing employees with a safe and welcoming work environment free of discrimination and harassment. We strive to create a diverse & inclusive environment where everyone can thrive, feel a sense of belonging, and do impactful work together.
As an equal opportunity employer, we prohibit any unlawful discrimination against a job applicant on the basis of their race, color, religion, gender, gender identity, gender expression, sexual orientation, national origin, family or parental status, disability*, age, veteran status, or any other status protected by the laws or regulations in the locations where we operate. We respect the laws enforced by the EEOC and are dedicated to going above and beyond in fostering diversity across our workplace.
*Applicants with disabilities may be entitled to reasonable accommodation under the terms of the Americans with Disabilities Act and certain state or local laws. A reasonable accommodation is a change in the way things are normally done which will ensure an equal employment opportunity without imposing undue hardship on Headspace Health. Please inform our Talent team if you need any assistance completing any forms or to otherwise participate in the application process.
Headspace Health participates in the E-Verify Program.
Headspace Health is committed to protecting the privacy and security of your personal data. Please view our privacy notice here.
Tags: Cloud Compliance FedRAMP GIAC HIPAA HITRUST IAM ISO 27001 Monitoring NIST Privacy Python SaaS Security assessment SOC SOC 2 TypeScript
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Cyber Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Senior Cyber Security Engineer jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Staff Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Senior Security Architect jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open IT Security Engineer jobs
- Open Clearance-related jobs
- Open ISO 27001-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Malware-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs