Job Description
Principal Security Engineer, SaaS Security Posture Management, SSPM Platform Lead
Location: Hybrid - 4 days onsite, 1 remote in one of the following hubs: | Pittsburgh, PA | Cleveland, OH
Summary
Lead the strategy, rollout, and ongoing management of the enterprise SSPM program. Own the platform end to end, drive SaaS onboarding and security posture improvements, and partner across cybersecurity, risk, IT, and business teams to reduce data exposure and strengthen controls across a growing SaaS environment.
Key Responsibilities
Own SSPM platform management across planning, onboarding, configuration, and operations for enterprise SaaS applications
Develop and execute SSPM roadmap aligned to risk, business criticality, and regulatory requirements
Configure and continuously tune SSPM controls to monitor SaaS security posture and align with policy and best practices
Conduct threat modeling and risk assessments for SaaS integrations and APIs
Integrate SSPM with SIEM, SOAR, ITSM, and identity platforms to enable automation, alerting, and reporting
Partner with Cyber Operations to define detection rules, alert thresholds, and escalation processes
Establish SaaS governance processes including onboarding, configuration baselines, access reviews, and third party risk
Track and report SSPM metrics such as posture scores, remediation timelines, and coverage to leadership
Drive remediation of misconfigurations, excessive access, and data exposure with application owners
Support compliance by mapping SSPM findings to frameworks such as NIST, CIS, SOC 2, PCI DSS, ISO 27001
Maintain awareness of emerging SaaS threats and continuously enhance SSPM capabilities
Contribute to SaaS security policies, standards, and training programs
Required Qualifications
Bachelor's degree or equivalent experience in Computer Science, Information Security, or related field
7+ years experience in cybersecurity engineering or related discipline
2+ years hands on experience with SSPM tools
Deep knowledge of SaaS security models including APIs, OAuth, OIDC, federation, and SaaS integrations
Experience securing enterprise SaaS platforms such as Microsoft 365, Salesforce, ServiceNow, Workday, Google Workspace
Strong knowledge of SIEM, SOAR, ITSM, and security workflow orchestration
Experience with identity and access management including least privilege, privilege escalation, and non human identities
Understanding of regulatory frameworks including NIST, CIS, SOC 2, PCI DSS, ISO 27001
Strong communication skills translating technical risk into clear actions
Proven ability to lead cross functional initiatives and deliver results
Preferred Qualifications
Certifications such as CISSP, CCSP, CISM, SSCP, or cloud security certifications
Experience with SaaS security and data protection platforms
Scripting or automation experience such as Python or PowerShell
Background in regulated industries such as financial services or healthcare
Experience building security governance programs and risk frameworks
Exposure to AI security risks including securing AI agents and preventing data leakage
Core Skills
Systems implementation and rollout, advanced, leads enterprise platform deployments and SaaS onboarding
Compliance and controls, intermediate, implements and monitors controls aligned to regulatory standards
Cybersecurity strategy, intermediate, aligns SSPM operations with enterprise security strategy
Emerging technologies, advanced, evaluates and deploys new SaaS security and AI security capabilities
Incident and problem management, intermediate, supports alert triage and remediation coordination
Capacity optimization, intermediate, manages licensing and platform scale
Contingency planning, intermediate, supports resiliency and monitoring continuity planning
Core Capabilities
Building relationships, advanced, partners across cyber, IT, risk, and business teams
Industry insight, advanced, stays current on SaaS threats and SSPM market trends
Technologically savvy, advanced, deep SSPM platform expertise and tool integration
Leading others, intermediate, provides guidance and drives deliverables
Strategic thinking, advanced, converts risk insights into actionable plans
Customer centricity, advanced, designs effective onboarding and user experience
Collaboration, intermediate, works cross functionally to solve security challenges
Innovation, advanced, drives automation and continuous improvement
Agility, advanced, adapts to evolving threats and priorities
Inclusion, advanced, promotes inclusive collaboration across teams
Performance measurement, advanced, defines KPIs and tracks outcomes
Motivation, advanced, drives accountability and adoption across stakeholders
Equal Opportunity Employer
We are committed to building a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to legally protected status.
Pay Transparency
The salary range for this position is from $135,000 to $180,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to, the budget, work location, relevant skills, and experience.
We offer competitive pay, comprehensive medical, dental, and vision coverage, retirement benefits, maternity and paternity leave, flexible work arrangements, education reimbursement, wellness programs, and more. Citizens' paid time off policy exceeds the mandatory paid sick or paid time away policies of local and state jurisdictions in the United States. For an overview of our benefits, visit our Careers site - ;br>
#LI-Citizens1
About Us
Equal Employment Opportunity
Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family statparenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.
Equal Employment and Opportunity Employer
Job Applicant Data Privacy Policy
Background Check
Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.
Principal Security Engineer, SaaS Security Posture Management, SSPM Platform Lead
Location: Hybrid - 4 days onsite, 1 remote in one of the following hubs: | Pittsburgh, PA | Cleveland, OH
Summary
Lead the strategy, rollout, and ongoing management of the enterprise SSPM program. Own the platform end to end, drive SaaS onboarding and security posture improvements, and partner across cybersecurity, risk, IT, and business teams to reduce data exposure and strengthen controls across a growing SaaS environment.
Key Responsibilities
Own SSPM platform management across planning, onboarding, configuration, and operations for enterprise SaaS applications
Develop and execute SSPM roadmap aligned to risk, business criticality, and regulatory requirements
Configure and continuously tune SSPM controls to monitor SaaS security posture and align with policy and best practices
Conduct threat modeling and risk assessments for SaaS integrations and APIs
Integrate SSPM with SIEM, SOAR, ITSM, and identity platforms to enable automation, alerting, and reporting
Partner with Cyber Operations to define detection rules, alert thresholds, and escalation processes
Establish SaaS governance processes including onboarding, configuration baselines, access reviews, and third party risk
Track and report SSPM metrics such as posture scores, remediation timelines, and coverage to leadership
Drive remediation of misconfigurations, excessive access, and data exposure with application owners
Support compliance by mapping SSPM findings to frameworks such as NIST, CIS, SOC 2, PCI DSS, ISO 27001
Maintain awareness of emerging SaaS threats and continuously enhance SSPM capabilities
Contribute to SaaS security policies, standards, and training programs
Required Qualifications
Bachelor's degree or equivalent experience in Computer Science, Information Security, or related field
7+ years experience in cybersecurity engineering or related discipline
2+ years hands on experience with SSPM tools
Deep knowledge of SaaS security models including APIs, OAuth, OIDC, federation, and SaaS integrations
Experience securing enterprise SaaS platforms such as Microsoft 365, Salesforce, ServiceNow, Workday, Google Workspace
Strong knowledge of SIEM, SOAR, ITSM, and security workflow orchestration
Experience with identity and access management including least privilege, privilege escalation, and non human identities
Understanding of regulatory frameworks including NIST, CIS, SOC 2, PCI DSS, ISO 27001
Strong communication skills translating technical risk into clear actions
Proven ability to lead cross functional initiatives and deliver results
Preferred Qualifications
Certifications such as CISSP, CCSP, CISM, SSCP, or cloud security certifications
Experience with SaaS security and data protection platforms
Scripting or automation experience such as Python or PowerShell
Background in regulated industries such as financial services or healthcare
Experience building security governance programs and risk frameworks
Exposure to AI security risks including securing AI agents and preventing data leakage
Core Skills
Systems implementation and rollout, advanced, leads enterprise platform deployments and SaaS onboarding
Compliance and controls, intermediate, implements and monitors controls aligned to regulatory standards
Cybersecurity strategy, intermediate, aligns SSPM operations with enterprise security strategy
Emerging technologies, advanced, evaluates and deploys new SaaS security and AI security capabilities
Incident and problem management, intermediate, supports alert triage and remediation coordination
Capacity optimization, intermediate, manages licensing and platform scale
Contingency planning, intermediate, supports resiliency and monitoring continuity planning
Core Capabilities
Building relationships, advanced, partners across cyber, IT, risk, and business teams
Industry insight, advanced, stays current on SaaS threats and SSPM market trends
Technologically savvy, advanced, deep SSPM platform expertise and tool integration
Leading others, intermediate, provides guidance and drives deliverables
Strategic thinking, advanced, converts risk insights into actionable plans
Customer centricity, advanced, designs effective onboarding and user experience
Collaboration, intermediate, works cross functionally to solve security challenges
Innovation, advanced, drives automation and continuous improvement
Agility, advanced, adapts to evolving threats and priorities
Inclusion, advanced, promotes inclusive collaboration across teams
Performance measurement, advanced, defines KPIs and tracks outcomes
Motivation, advanced, drives accountability and adoption across stakeholders
Equal Opportunity Employer
We are committed to building a diverse and inclusive workplace. All qualified applicants will receive consideration for employment without regard to legally protected status.
Pay Transparency
The salary range for this position is from $135,000 to $180,000 per year, plus an opportunity to earn an annual discretionary bonus. Actual pay is based on various factors including but not limited to, the budget, work location, relevant skills, and experience.
We offer competitive pay, comprehensive medical, dental, and vision coverage, retirement benefits, maternity and paternity leave, flexible work arrangements, education reimbursement, wellness programs, and more. Citizens' paid time off policy exceeds the mandatory paid sick or paid time away policies of local and state jurisdictions in the United States. For an overview of our benefits, visit our Careers site - ;br>
#LI-Citizens1
About Us
Equal Employment Opportunity
Citizens, its parent, subsidiaries, and related companies (Citizens) provide equal employment and advancement opportunities to all colleagues and applicants for employment without regard to age, ancestry, color, citizenship, physical or mental disability, perceived disability or history or record of a disability, ethnicity, gender, gender identity or expression, genetic information, genetic characteristic, marital or domestic partner status, victim of domestic violence, family statparenthood, medical condition, military or veteran status, national origin, pregnancy/childbirth/lactation, colleague's or a dependent's reproductive health decision making, race, religion, sex, sexual orientation, or any other category protected by federal, state and/or local laws. At Citizens, we are committed to fostering an inclusive culture that enables all colleagues to bring their best selves to work every day and everyone is expected to be treated with respect and professionalism. Employment decisions are based solely on merit, qualifications, performance and capability.
Equal Employment and Opportunity Employer
Job Applicant Data Privacy Policy
Background Check
Any offer of employment is conditioned upon the candidate successfully passing a background check, which may include initial credit, motor vehicle record, public record, prior employment verification, and criminal background checks. Results of the background check are individually reviewed based upon legal requirements imposed by our regulators and with consideration of the nature and gravity of the background history and the job offered. Any offer of employment will include further information.