SaaS Security Analyst

Stellantis

Casablanca-Settat

Description

Job summary

The role of SaaS Security Analyst is to ensure the security posture of key SaaS applications and platforms for Stellantis. The role will be to work with IT teams and Business partners to make sure the SaaS applications and Platforms are secure from malicious attack, Denial of Service and Data loss.

The SaaS Security Analyst will work to make sure that cybersecurity is part of the original design of new services and is implemented in a secure way that meets internal control compliance and industry best practices.

Responsibilities

  • Analyzes SaaS applications for Vulnerabilities, conducts security assessments, and recommends remediation measures.
  • Build compliance requirements and SaaS Application security baselines, ensuring SaaS applications are implemented to align with requirements.
  • Evaluate new applications to ensure implementation can meet security baselines.
  • Research options for compliance remediation and coordinate with the SaaS Systems Administration team to implement solutions.
  • Determine risks and remediation options with implemented SaaS applications.
  • Ensure all SaaS applications are configured with best practices and perform routine auditing of settings and newly released features.
  • Validate incident response plans and processes to address potential threats.
  • Compile and analyze data for management reporting and metrics.
  • Ensure that all SaaS applications follow a standardized lifecycle management process and perform routine audits, as necessary.
  • Evaluate account lifecycle management for auditing tasks and create documentation detailing account lifecycle needs.
  • Perform continuous monitoring of SaaS platform applications, identifying areas of shadow IT, and initiating remediation efforts.
  • Prepare guidelines for documenting SaaS application configuration settings, integrations, and service account.
  • Provides advisory services to organizations on selecting and implementing secure SaaS solutions, evaluating vendor security, and managing risks.
  • Others as needed.

Required Qualifications

  • Bachelor's degree in computer science or a technology related field.
  • 5+ years of work experience; preferably in cybersecurity/IT
  • Problem-solving skills and the ability to work both independently and as part of a team.
  • Technical writing and communication skills to articulate security risks and findings to both technical and non-technical audiences
  • Experience reviewing IT security and compliance documentation from a risk perspective.
  • Understanding of SaaS applications and their security considerations
  • Knowledge of security best practices for modern cloud-based SaaS organizations
  • Experience working on security projects involving multiple collaborating stakeholders
  • Basic knowledge of software development and architecture

Desired Qualifications

  • At least two years of information security experience at an organization with significant compliance requirements
  • Application security or development experience.
  • Deep Cybersecurity experience around SaaS threats and landscapes.
  • Working knowledge of SaaS Applications such as O365, Salesforce, Snowflake, etc
  • CISSP, CCSP, CISA, CISM or similar certification.
  • Experience with cloud environments, encompassing architecture, services, security, and governance.
  • Experience in incident response, threat triage, log analysis, and data correlation
  • Familiarity with security standards (SOC 2, ISO 27001, NIST) as well as privacy laws (CCPA and GDPR)

At Stellantis, we assess candidates based on qualifications, merit and business needs. We welcome applications from people of all gender identities, age, ethnicity, nationality, religion, sexual orientation and disability. Diverse teams will allow us to better meet the evolving needs of our customers and care for our future.