Info Security Analyst

Role Overview

We are seeking an experienced Info Security Analyst (SaaS) to strengthen our security posture within complex Software-as-a-Service environments. This role is critical for conducting rigorous risk assessments of third-party SaaS providers, analyzing user traffic patterns to identify enterprise risks, and fostering cross-functional collaboration with technology and business teams to ensure full regulatory compliance.

Key Responsibilities

• Execute comprehensive risk assessments against Third-Party SaaS vendors by evaluating evidence, interviewing technical stakeholders, and validating control design versus operating effectiveness.
• Analyze user traffic accessing external third-party sites and services to determine, quantify, and report on enterprise-wide risks.
• Monitor emerging security trends and align organizational objectives with evolving industry needs.
• Create and maintain robust operational documentation and reports to support monthly trend analysis and project deliverables.
• Evaluate diverse SaaS technologies and tools for technical feasibility, functional fit, and financial viability.
• Partner with technology and business units to drive timely execution of security initiatives.
• Provide expert guidance on the Cloud Program, covering Software as a Service (SaaS) strategies and Cloud Application Architecture subprograms.

Mandatory Requirements

• Minimum 4+ years of relevant experience in information security or cloud architecture.
• In-depth knowledge of data classification solutions.
• Strong understanding of Multi-tenant SaaS environments and their unique security challenges.
• Expertise in the Cloud shared responsibility model, specifically distinguishing between IaaS, PaaS, and SaaS differences.
• Solid experience with containerization technologies including Docker and Kubernetes.
• Familiarity with identity federation protocols such as SAML and OIDC.
• Proficiency with financial industry standards and regulations including FedRamp, NIST, CSA, and PCI-DSS.