Staff Security Engineer, Enterprise / SaaS Security
Nscale · Seattle, WA · 3 mo ago
RemoteRemoteInformation Technology$175k–$225k/yrFull-time
About the role
We’re hiring a Staff Security Engineer, Enterprise / SaaS Security to lead the security strategy and architecture for Nscale’s SaaS and enterprise application ecosystem.
This role will be part of the global CISO organization.
What you'll be doing
- SaaS Security Strategy & Architecture
- Define and drive Nscale’s SaaS security strategy and roadmap
- Own the security architecture for the company’s SaaS and enterprise application ecosystem
- Build scalable security solutions that support rapid, secure tool adoption across the organization
- Drive user-friendly security approaches that balance protection with productivity
- Application Discovery, Governance & Risk Reduction
- Discover and assess SaaS application inventory across the company
- Identify and reduce risks associated with shadow IT
- Establish governance for application onboarding, risk reviews, and vendor security assessments
- Manage how SaaS applications are secured and governed throughout their lifecycle
- Access Controls & Identity Integration
- Design and enforce secure configurations and access controls across SaaS platforms
- Partner with Identity teams to implement SSO, SCIM provisioning, and lifecycle management
- Implement and automate least-privilege access and role-based controls across enterprise tools
- Strengthen enterprise access models in alignment with identity systems and governance standards
- Security Controls, Monitoring & Cross-Functional Enablement
- Build and scale SaaS security controls, including CASB/SSPM, posture management, and monitoring
- Integrate SaaS platforms into logging, monitoring, and detection systems
- Partner with Legal, IT, and Compliance teams to align with security policies and regulatory requirements
- Influence stakeholders across functions on secure adoption and use of enterprise tooling
- Shadow IT identification and reduction
- SSO, SCIM, and lifecycle management implementation
- Least-privilege and role-based access control adoption
- SaaS platform logging, monitoring, and detection coverage
- 8+ years of experience in security engineering, with a strong focus on enterprise and SaaS security
- Deep experience securing major SaaS platforms such as Google Workspace, Microsoft 365, Okta, Slack, and Salesforce
- Strong understanding of identity integration, including SSO, SCIM, and lifecycle management
- Experience with SaaS security tools such as SSPM, CASB, or equivalent platforms
- Experience identifying and mitigating shadow IT risks
- Familiarity with access control models and enterprise identity systems
- Ability to operate at a Staff level, owning systems and driving cross-functional initiatives
- Confidence influencing stakeholders across security, IT, engineering, Legal, and Compliance
- Nice to have: familiarity with API security and SaaS integrations
- Nice to have: experience with automation, SaaS governance tooling, compliance frameworks, or integrating SaaS telemetry into SIEM or detection pipelines
- A highly competitive US compensation package (base + bonus + equity), with performance reviews every 12 months.
- Human-First Flexibility: We treat you as humans first. 🫶🏽 Our flexible workplace trusts Nscalers to deliver, giving you the autonomy to shape your day around life's moments.
- Equal Opportunities Statement: We strongly encourage applications from people of colour, the LGBTQ+ community, people with disabilities, neurodivergent people, parents, carers, and people from lower socio-economic backgrounds.