Cybersecurity Engineer

WORK OPTION: Remote

The NBA is committed to providing a safe and healthy workplace.  To safeguard our employees and their families, our visitors, and the broader community from COVID-19, and in consideration of recommendations from health authorities and the NBA’s own advisors, any individual working onsite in our New York and New Jersey offices must be fully vaccinated against COVID-19. The NBA will discuss accommodations for individuals who cannot be vaccinated due to a medical reason or sincerely held religious belief, practice, or observance.

Position Summary

We are seeking a dynamic and detail-oriented Cybersecurity engineer specializing in SaaS Security Posture Management (SSPM) to join our innovative team. In this critical role, you'll be the guardian of our SaaS landscape, ensuring that every aspect of our application ecosystem is fortified against the ever-evolving threats of the digital world. With your finger on the pulse of the latest in cloud security, you'll be responsible for implementing and managing robust security strategies, conducting risk assessments, and deploying cutting-edge SSPM tools to maintain impeccable security standards.

As a vital member of our cybersecurity group, you'll collaborate with cross-functional teams to drive the development and enforcement of security policies that align with industry standards and regulatory requirements. This role will be pivotal in identifying potential vulnerabilities, while your proactive approach will help orchestrate rapid response to security incidents. You'll not only be addressing the technical side but will also have the opportunity to shape the security mindset across the organization. If you're passionate about cloud security, thrive in fast-paced environments, and are eager to make a significant impact by safeguarding our SaaS offerings, we can't wait to have you onboard!

Major Responsibilities

• Inventory all SaaS apps, including those procured by business users and not IT or security teams.
• Continuously identify inventory and monitor SaaS apps and access.
• Document integration of 3rd party applications & APIs. API permissions.
• Keep track of changes in SaaS data classification, configuration management, and manual permission reviews.
• Build and enhance security standards for ongoing monitoring and reducing risk associated with confidential data in SaaS applications.
• Deliver alignment to security frameworks, track due diligence, and monitor compliance for applicable frameworks such as ISO 27001, NIST CSF, NIST 800-53
• Drive remediation of security posture draft to ensure that SaaS applications have the precise security configurations in place
• Ensure all users have the correct level of access and the SaaS environment access is RBAC. 
• Drive implementation of SSO and MFA. 
• Manage  SaaS Security Posture Management (SSPM) Platform and remediate issues identified via SSPM.
• Onboard all SaaS apps into SSPM
• Scan APIs, security controls, and configuration settings via SSPM
• Identify application misconfigurations & policy violations via SSPM
• Monitor, via SSPM, suspicious logins, brute force attempts, OAuth issues, over-privileged user access, and configuration drift.
• Review and Secure Third-Party Connected Applications
• Map SaaS apps and security requirements.

Required Education/Professional Experience

• Bachelor's Degree in Computer Science 
• All Certifications are preferred, not required:
  • Certified Information Systems Security Professional (CISSP) 
  • Certified Cloud Security Professional (CCSP)
  • Certified Information Security Manager (CISM)
  • SaaS-specific security certifications

Required Skills/Knowledge Attributes

• Technical Skills:
  • Knowledge of Software as a Service (SaaS) delivery models and how they differ from traditional on-premises software.
  • Familiarity with security frameworks such as ISO 27001, NIST, and CIS Benchmarks.
  • In-depth understanding of cloud security principles, including cloud-native vulnerabilities and threat vectors.
  • Ability to use SSPM tools to monitor and manage the security posture of SaaS applications.
  • Knowledge of compliance requirements such as GDPR, HIPAA, and SOC 2 that pertain to data security in SaaS environments.
  • Understanding of IAM principles and tools to manage user identities and access within SaaS platforms.
  • Skills in data encryption, tokenization, and other data protection methods relevant to SaaS applications.
  • Familiarity with secure network architectures, VPNs, and secure web gateways.
  • Ability to develop and execute incident response plans for security incidents that involve SaaS platforms.
• Analytical Skills:
  • Ability to identify, assess, and mitigate risks associated with SaaS offerings.
  • Proficiency in analyzing potential threats and vulnerabilities specific to SaaS environments.
  • Skills to perform regular audits of SaaS security postures and ensure continuous compliance.
  • Creating clear and comprehensive reports for management, illustrating the security posture of SaaS applications.
• Soft Skills:
  • Effective communication skills to articulate security risks and recommendations to non-technical stakeholders.
  • Strong problem-solving skills to swiftly address any security issues that arise.
  • Ability to collaborate with other IT and security teams to manage the organization’s SaaS security posture.
  • Staying up-to-date with the latest cybersecurity trends, threats, and technologies affecting SaaS platforms.
  • Organizational and project management skills to oversee security projects and initiatives.

Salary Range: $167,500 - $190,000 

We Consider Applicants For All Positions On The Basis Of Merit, Qualifications And Business Needs, And Without Regard To Race, Color, National Origin, Religion, Sex, Gender Identity, Age, Disability, Alienage Or Citizenship Status, Ancestry, Marital Status, Creed, Genetic Predisposition Or Carrier Status, Sexual Orientation, Veteran Status, Familial Status, Status As A Victim Of Domestic Violence Or Any Other Status Or Characteristic Protected By Applicable Federal, State, Or Local Law.