Sr. SaaS Application Security Engineer

About the Hiring TeamTencent Overseas IT has the mission to empower Tencent’s rapid global growth with future ready, global IT platforms, applications and services. We are chartered to lead the Overseas IT strategy, architecture, roadmap and execution. Satisfying our internal/external customers and becoming a world class global IT team are our top aspirations.

What the Role Entails

We're seeking an experienced Security Engineer - SaaS Applications to assess, monitor, and improve the security configuration and risk posture of our SaaS applications. This role will work closely with IT, Security, and Business teams to ensure compliance with security best practices, regulatory requirements, and internal policies. The ideal candidate has a strong understanding of cloud-based SaaS environments, security frameworks, and risk assessment methodologies.

Plan & Design

Build compliance requirements and SaaS Application security baselines, ensuring SaaS applications are implemented to align with requirements. Evaluate new applications to ensure implementation can meet security baselines.  Research options for compliance remediation and coordinate with the Systems Administration team to implement solutions.  Determine risks and remediation options with implemented SaaS applications.  Monitor third-party risk exposure, reviewing vendor security practices, data protection measures, and incident response plans. Influence internal security strategy, to develop and execute security initiatives to meet our objectives, and to define the criteria and measurements that we use to assess our progress. Work with IT and business stakeholders to integrate security controls into SaaS procurement and governance processes. Collaborate and build relationships with multiple teams throughout the organization, including IT, software engineering, and DevOps.

Execute

Document SaaS application configuration settings, integrations, service accounts and take ownership of recertification needs.  Evaluate the security configuration, access controls, and risk posture of SaaS applications used across the organization. Secure single-sign on platforms and enforce strong access controls across SaaS and in-house systems. Implement and maintain continuous monitoring processes to detect misconfigurations, access anomalies, and potential security threats. Perform account lifecycle management auditing tasks and create documentation detailing account lifecycle needs.  Examine all relevant application logs to determine trends and identify incidents or areas for concern.  Validate and maintain incident response plans and processes to address potential threats.  Assist in compliance audits and security certifications by providing necessary documentation and technical insights.

Compile and analyze data for management reporting and metrics. 

Who We Look For

Experience with SSPM.

3+ years of experience in Identity, authentication, and access management.

3+ years of experience in Saas Application Integration and configuration management.

3+ years of experience in performing SaaS security and configuration assessments.

3+ years of experience in Working knowledge of compliance standards and risk mitigation.

Experience securing key enterprise systems, including e-mail and communications, developer tools, customer relationship management, and back-office functions.

Strong problem-solving abilities.

Experience working with remote, globally distributed teams.

Demonstrated proficiency in working with cross-functional teams, including IT, Security, GRC and other business owners.

Basic scripting skills in Python, PowerShell, or Bash.

Information Security and Cloud-Relevant certifications are preferred.

Equal Employment Opportunity at Tencent

As an equal opportunity employer, we firmly believe that diverse voices fuel our innovation and allow us to better serve our users and the community. We foster an environment where every employee of Tencent feels supported and inspired to achieve individual and common goals.