Posted 5 hours ago

Job ID: JOB_ID_2719

Position Summary

We are looking for a dedicated SaaS Assessor to join our security and compliance team in Phoenix, AZ. This role is vital for ensuring that our third-party Software-as-a-Service (SaaS) platforms meet the highest standards of security and data protection. As a SaaS Assessor, you will be responsible for evaluating the security posture of various cloud-based applications, identifying potential risks, and working with vendors to implement necessary technical controls. This position requires a deep understanding of cloud infrastructure and modern security frameworks.

Core Responsibilities

  • Evaluate SaaS platforms against established security frameworks, including ISO 27001, SOC 2, HIPAA, and GDPR.
  • Perform deep-dive technical assessments of SaaS architectures, focusing on cloud infrastructure and API security.
  • Review and analyze technical security controls, specifically Identity and Access Management (IAM), network security, and data encryption.
  • Utilize Web Application Firewalls (WAF) and other security tools to assess the vulnerability of web-based applications.
  • Identify, document, and communicate security risks to internal stakeholders and external vendors.
  • Define and document comprehensive strategies to remediate identified vulnerabilities and reduce overall organizational risk.
  • Monitor vendor performance and compliance status continuously, ensuring that security standards are maintained throughout the lifecycle of the engagement.
  • Collaborate with procurement and legal teams to ensure security requirements are integrated into vendor contracts.
  • Stay current with emerging threats in the SaaS landscape and adjust assessment methodologies accordingly.
  • Provide expert guidance on data protection and information security principles to various business units.

Technical Expertise

  • Strong understanding of SaaS architecture and the shared responsibility model in cloud computing.
  • In-depth knowledge of API security best practices and common vulnerabilities (OWASP API Top 10).
  • Experience with network security protocols and the implementation of Web Application Firewalls (WAF).
  • Proficiency in analyzing technical security controls across different cloud service providers (AWS, Azure, GCP).
  • Ability to interpret complex technical documentation and security audit reports.
  • Strong analytical skills with the ability to identify patterns and anomalies in security data.

Compliance & Standards

  • Extensive experience with ISO 27001 and SOC 2 Type II reporting and auditing.
  • Familiarity with global data privacy regulations, including GDPR and CCPA.
  • Understanding of healthcare-specific compliance requirements such as HIPAA/HITECH.
  • Ability to map technical controls to regulatory requirements effectively.

Required Qualifications

  • Bachelor’s degree in Cybersecurity, Information Systems, or a related technical field.
  • Professional certifications such as CISA, CISSP, or CCSK are highly preferred.
  • Excellent written and verbal communication skills, with the ability to produce detailed technical reports.
  • Proven ability to work independently and manage multiple assessment projects simultaneously.

Special Requirements

GC ONLY


Compensation & Location

Salary: $150,000 – $200,000 per year (Estimated)

Location: Phoenix, AZ


Recruiter / Company – Contact Information

Email: c2crequirementc2c2024@googlegroups.com

