SaaS Security Posture Management Analyst

The SaaS Security Posture Management (SSPM) Analyst plays a critical operational role in securing the enterprise SaaS ecosystem. This role partners closely with SaaS application owners, identity and access management teams, SOC, and governance partners to onboard SaaS applications into SSPM tooling, establish security baselines, monitor posture, and drive remediation of identified risks. The SSPM Analyst focuses on execution, analysis, and coordination to ensure SaaS risks are continuously identified, monitored, and reduced.

Key Responsibilities

SaaS Application Onboarding & Integration

• Partner with application owners and technical teams to integrate SaaS applications into SSPM tooling
• Maintain an accurate inventory of onboarded SaaS applications and integration status

• Assist with establishing and documenting SaaS security configuration baselines
• Continuously monitor SaaS applications for configuration drift, identity risks, and integration issues

• Review SSPM findings and assist with validation, prioritization, and false positive analysis
• Coordinate with stakeholders to support remediation and risk acceptance workflows

• Support annual SSPM baseline reviews and recertification efforts
• Maintain evidence and documentation required for governance and assurance activities

• Assist with SSPM reporting, dashboards, and metrics
• Identify trends and repeat issues to inform future control improvements
• Proactively partner with stakeholders on SaaS app changes, SaaS services additions, etc.

• Experience working in cybersecurity, cloud security, or SaaS application administration
• Foundational understanding of SaaS security concepts, identity management, and integrations
• Strong analytical skills and attention to detail
• Ability to work cross-functionally and communicate effectively with technical and non-technical partners

• Experience with SaaS Security Posture Management tools (ex: AppOmni, Falcon Shield, Obsidian Security) or similar security platforms
• Familiarity with security frameworks such as NIST CSF
• Experience supporting audits, risk assessments, or compliance activities